New Security Flaw in Privacy Protection of macOS Mojave

George Herman
George Herman
IT Security Expert

Get a FREE scan to check for problems

Some infections like this virus can regenerate themselves. There is no better way to detect, remediate and prevent malware infection, than to use a professional anti-malware software like SpyHunter. One Application that is capable of solving all MAC problems.

Anti-Malware

SpyHunter Anti-Malware FREE 15-day trial available.

Despite the fact that Apple announced the improved privacy protection of macOS Mojave 10.14, a new security flaw was found.

The security experts reported an unexpected bypass of privacy protection which uses an ordinary application that needs no permission to access user’s address book.

According to the researchers, the bypass entered the system via: System Preferences > Security & Privacy > Privacy, and most probably, it was addressed by Mojave updates. Soon after the first security flaw, a few more followed.

A week ago, the browser extension developer Jeff Johnson reported that a new issue was affecting all Mojave versions, including the 10.14.3 supplemental update.

Johnson said that he has found a way to access ~/Library/Safari without asking the system or user for any permission, although this directory should only be accessible via privileged apps like macOS Finder. In this way, a malware application could examine users’ browsing history and threaten their privacy.

The only positive news here is that the flaw cannot affect sandboxed apps (isolated applications with improved security) and notarised apps (applications signed by a Developer ID that have passed Apple’s automated malware checks).

Leave a Reply

Your email address will not be published.