If anyone with access to your Mac might carelessly download an app that wasn’t obtained from the App Store, this risk could be huge. Everyone else should update just for GP (general purposes).
PSA: Update your Mac to macOS 11.3 immediately to protect against ‘worst hack in years’
Tuesday, April 27, 2021 5:23 pm
Apple on Monday released macOS 11.3 and, if you have not yet done so, you should update your Mac to macOS 11.3 immediately to protect against “worst hack in years.” Patrick Wardle, a former NSA analyst and a macOS security expert, has described it as one of the worst security issues to have ever hit the Apple operating system.
Malicious hackers can and have created malware that, though unsigned, is misclassified by Apple’s operating system, thanks to a logic error in macOS’ code. That means malware can skip all the checks done by Apple’s security mechanisms like Gatekeeper and File Quarantine, which are designed to stop any unapproved, dangerous apps from running.
There’s one caveat: The hackers have to convince a user to download or run an app that’s not in the App Store or allowed by Apple. But once that’s done, the malware won’t be stopped installing by the Mac’s defensive tools, though macOS should stop any changes to critical system files and ask the user if the app can access photos, the mic or other systems. For anyone still running an unpatched macOS, Wardle’s advice was simple: “Don’t open anything from anybody.”
It affects all recent versions of macOS but Apple has released a patch that prevents the attacks. Version Big Sur 11.3 is available now and contains other fixes besides addressing this bug.
An Apple spokesperson said the company has now addressed the issue in macOS 11.3 and updated XProtect, its malware detection, to block the malware using this technique. That XProtect update will happen automatically and retroactively apply to older versions of macOS.
MacDailyNews Take: Again, if you haven’t already, update now. Choose System Preferences from the Apple menu , then click Software Update to check for updates, and click the Update Nowbutton.