1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Apple forced to patch iOS and macOS security flaw that could have

    From TechnologyDaily@1337:1/100 to All on Friday, December 13, 2024 17:15:05
    Apple forced to patch iOS and macOS security flaw that could have leaked your private info

    Date:
    Fri, 13 Dec 2024 17:06:00 +0000

    Description:
    Method looked to to abuse FileProvider to steal iOS and macOS files, but it's now been fixed.

    FULL STORY ======================================================================Security
    researchers found a way to exfiltrate sensitive data through FileProvider
    The bug abuses the framework's elevated privileges Apple patch address issue with improved validation of symbolic links

    Apple has patched a hole in iOS and macOS which could have been abused to steal sensitive data from victims.

    Cybersecurity researchers from Jamf Threat Labs recently discovered, and reported, a vulnerability in FileProvider, a framework in macOS and iOS that enables apps to manage and access files stored on remote servers or locally.

    Tracked as CVE-2024-44131, and carrying a severity score of 5.3, the vulnerability stems from the frameworks elevated privileges, which can be abused to move files, and even upload them to a remote server under the attackers control. Manipulating symlinks

    The vulnerability bypasses Apples Transparency, Consent, and Control (TCC) framework, often described as a critical security protection mechanism for Apple devices.

    "This TCC bypass allows unauthorized access to files and folders, Health
    data, the microphone or camera, and more without alerting users," Jamf said. "This undermines user trust in the security of iOS devices and exposes personal data to risk."

    In theory, if a threat actor could get a malicious app running in an Apple device, it could intercept user action that moves, or copies files within the FIles app, and send them to a place under their control.

    "Specifically, when a user moves or copies files or directories using Files.app within a directory accessible by a malicious app running in the background, the attacker can manipulate symlinks to deceive the Files app," Jamf added. "The new symlink attack method first copies an innocent file, providing a detectable signal to a malicious process that the copying has started. Then, a symlink is inserted after the copying process is already underway, effectively bypassing the symlink check."

    Apple fixed the bug in iOS 18, iPadOS 18, and macOS Sequoia 15, with improved validation of symbolic links (symlinks), and advised users to apply the patch as soon as possible.

    Via The Hacker News You might also like Apple fixes Passwords app security bug with new 18.2 update Here's a list of the best antivirus These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/apple-forced-to-patch-ios-and-macos-sec urity-flaw-that-could-have-leaked-your-private-info


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)