When you shut down your Mac, a pop-up asks if you want to shut it down. When your machine is turned back on, you have the option to reopen the apps and windows you have open now. A vulnerability in this saved state feature can be exploited to break Apple's security protections.
The vulnerability, which can be exploited through a process injection attack to break macOS security, could allow an attacker to read every file on a Mac or take control of the webcam, according to Thijs Alkemade, a security researcher at a Netherlands-based cybersecurity firm. He says that it could be applied to three different locations.
After attacking the saved state feature, Alkemade was able to escape the macOS sandbox, which is designed to limit successful hacks to one app, and then bypass System Integrity Protection.
Alkemade discovered the vulnerability in December of 2020 and reported it to Apple through its bug bounty scheme. He says he was paid a nice reward for his work. Since then, Apple has issued two updates to fix the flaw.
Apple did not comment on the flaw before Alkemade presented it. Two public updates about the vulnerability are light on detail, but they say the issues could allow malicious apps to leak sensitive user information.
Alkemade's attack can be seen in the changes Apple has made to its Xcode development workspace. Although Apple has fixed the issue for Macs running the Monterey operating system, previous versions of macOS are still vulnerable to attack.
Launching the attack comes back to the initial process injection vulnerability. A process injection attack allows hackers to inject code into a device and run it in a way that differs from what was intended.
Such attacks are not uncommon. A process injection vulnerability can be found in a specific application, but one that is universal is a very rare find.
When you shut down a Mac, the saved state system saves the apps and windows you have open. This saved state system can also be used in a process called App Nap.