As reported by BleepingComputer (opens in new tab), the vulnerability (tracked as CVE-2022-42821 (opens in new tab)) and dubbed ‘Achilles’ was first discovered by principal security researcher at Microsoft, Jonathan Bar Or back in July of this year. However, we’re only hearing about it now as Apple patched this vulnerability earlier this month. If you haven’t updated your MacBook, iMac, Mac mini or other Apple computers yet, you should do so immediately as hackers often like to target vulnerable machines – especially after the discovery of a major vulnerability. Even if you’re not running macOS 13 yet, Apple has released security patches to address the issue for older versions of its operating system including macOS Monterey 12.6.2 (opens in new tab) and macOS Big Sur 11.7.2 (opens in new tab).
Bypassing Gatekeeper
Just like how Microsoft includes its own antivirus software in the form of Microsoft Defender with Windows 10 and Windows 11, Apple ships Gatekeeper and XProtect with every version of macOS. While Gatekeeper ensures every new piece of software you download for your Mac is verified before it’s installed, XProtect scans your Mac for malware. When you download a new app for your Mac using a web browser, Apple “assigns a special extended attribute to the downloaded file” according to a blog post (opens in new tab) from Microsoft Security Threat Intelligence. This attribute (com.apple.quarantine) is used by Gatekeeper to let it know that the new app needs to be checked to see if it was approved by Apple (developer-signed) before it can be installed. If a new app fails this check, macOS informs the user that it can’t be run since it’s untrusted. By exploiting the Achilles flaw in macOS though, specially-crafted payloads are able to abuse a logic issue and bypass Gatekeeper’s security protections. As such, malicious apps can be installed on a Mac. In its blog post, Microsoft also points out that Apple’s new Lockdown Mode may be capable of protecting targeted users from sophisticated attacks but the feature can’t defend against Achilles.
How to protect your Mac from malware and other threats
As we mentioned above, the first thing you should do to protect your Mac against malware spread using the Achilles flaw is to update to the latest version as Apple has since released a fix for this vulnerability. From here, you may want to consider installing one of the best Mac antivirus software solutions for additional protection. Macs have historically been safer than PCs but as more people switch from Windows to macOS, cybercriminals have begun tailoring their malware and other viruses to target Mac users instead. Even though Achilles has now been patched, we’ll likely continue to hear about this macOS flaw as hackers and other cybercriminals will look to capitalize on Mac users that didn’t update their systems to defend against it.