San Francisco, January 15, 2025 —Microsoft exposes a macOS SIP flaw allowing rootkit installations. Apple patched it, but concerns about macOS security linger. Stay updated to stay safe.
A newly exposed macOS vulnerability, CVE-2024-44243, has sent shockwaves through the tech world, revealing a chilling reality for Apple users. The flaw, unearthed by Microsoft’s Threat Intelligence team, allowed attackers to bypass Apple’s highly trusted System Integrity Protection (SIP) framework, potentially enabling the installation of undetectable rootkits.
SIP, designed to shield core macOS components from malicious tampering, was breached by exploiting the com.apple.rootless.install.heritable” entitlement in the Storage Kit daemon. This granted hackers access to modify protected parts of the file system, jeopardizing system integrity and user privacy.
Apple promptly addressed the issue in its macOS Sequoia 15.2 update, but the implications remain alarming. Jaron Bradley, Director of Threat Labs at Jamf warned:
Bypassing SIP erodes the foundation of macOS security. The system's reliability crumbles, giving attackers free rein to evade detection and compromise user safety.
Jonathan Bar Or of Microsoft’s Threat Intelligence team added:
This isn’t just another bug; it’s a wake-up call for both Apple and its users to stay vigilant and prioritize security updates.
The CVE-2024-44243 breach follows a similar SIP-related vulnerability, Shrootless (CVE-2021-30892), cementing SIP as a coveted target for cybercriminals. Experts emphasize the critical need for regular macOS updates to combat evolving threats.
The SIP breach underscores the fragile balance between usability and robust security measures, leaving millions of macOS users questioning the reliability of their beloved ecosystem.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
