Microsoft’s 365 Defender research team released details about a new Powerdir macOS vulnerability that allows attackers to bypass transparency, consent and control techniques to gain access to macOS, according to MacRumors. Unauthorized access to protected data.
Apple has fixed the vulnerability (CVE-2021-30970) in the macOS Monterey 12.1 update released last December, so users who update to the latest version of Monterey will not be affected. The TCC vulnerability was confirmed in the security release notes for its 12.1 updates and credited Microsoft for its discovery.
According to Microsoft, the “Powerdir” security flaw could allow a fake TCC database to be implanted. TCC is a long-running macOS feature that allows users to configure the privacy settings of their apps, and by faking the database, malicious people can hijack apps installed on Macs or install their own malicious apps, accessing the microphone and camera to gain access to Sensitive Information Information.
Microsoft said its security researchers will continue to monitor the threat landscape for new vulnerabilities and attacker techniques affecting macOS and other non-Windows devices. Software vendors like Apple, security researchers, and the larger security community need to constantly collaborate to identify and fix vulnerabilities before attackers can exploit them.