A Bug in Apple MacOS Ventura Breaks Third-Party Security Tools

The release of Apple's new macOS 13 Ventura operating system on October 24 brought a host of new features to Mac users, but it's also causing problems for those who rely on third party security programs.

In the process of patching a vulnerability, Apple accidentally introduced a flaw that cuts off third-party security products from the access they need to do their scans Those who upgrade their Macs to Ventura may not know that there is a problem or that they have the information to fix it.

The issue will be fixed in the next macOS software update, but Apple wouldn't say when that would happen. Users might not know that their Mac security tools are malfunctioning. Third-party security vendors are having a hard time understanding the scope of the problem.

Thomas Reed, director of Mac and mobile platforms at the antivirus maker, says that all of this happened at the same time as the release of a new version of Ventura. We got bug reports from customers that something was wrong, and we were like, 'crap, we just released a flawedbeta.' We pulled our circulation out of it's normal state. We began to see reports about other products after people upgraded to Ventura.

System visibility, also known as full disk access, is needed for security monitoring tools to conduct scans. This access is important and should only be granted to trusted programs. Apple requires users to go through a number of steps before they grant permission to use a tool. It's less likely that an attacker could trick a user into giving access to a malicious program because of this.

Csaba Fitzl, a long time macOS security researcher, found that he could exploit a vulnerability in the macOS user privacy protection known as transparency, consent, and control to easily uninstall or modify permission. Users rely on the very tools they use to warn them about suspicious activity.

Each time Apple tried to fix the flaw, Fitzl was able to find a solution. Apple made changes to how it manages permission for security services in Ventura. The company made a mistake that is causing the current issues.

Fitzl says that Apple fixed it and then they fixed it again. I think it was the right thing to redesign the whole concept after we went back and forth three times. It was a pity that it came out so close to the public release. There was not enough time to be aware of the problem. It occurred.