Photo: Stephen Lam / Reuters
Expert in application development Thomas reed (Thomas Reed) found a dangerous vulnerability in macOS. The threat to computers from Apple, he described the Virus Bulletin blog.
Vulnerability is related to characteristics of check files in the macOS. The researcher found that the installed applications, as opposed to only what is uploaded by the user are not checked by the security system. After installation, the program is placed in a list of authentic and re-inspections are triggered very rarely. The attackers inject malicious code into an already functioning application.
According to reed, the vulnerability is very easy to use. “It’s easy to grab the official app that is already installed in the system without causing any validation code signing. Worst of all, most developers don’t know about it and add their own checks,” he concludes.
According to the expert, so may be compromised by the large number of applications. However, the macOS system is functioning properly, so to correct this vulnerability can except the developers themselves, adding the possibility of frequent re-inspections.
Previously, experts have discovered a new virus that infects computers on macOS. Researcher Patrick Wardle (Patrick Wardle) in his blog gave him the nickname “the fool” (OSX.Dummy). The malware required the user to enter commands, and then loaded the external file and fixed it in the system.
Video, photo All from Russia.