2 matches found
New macOS vulnerability, Migraine, could bypass System Integrity Protection
A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection SIP in macOS and perform arbitrary operations on a device. We shared these findings with Apple through...
New macOS vulnerability, “powerdir,” could lead to unauthorized user data access
Following our discovery of the “Shrootless” vulnerability, Microsoft uncovered a new macOS vulnerability, “powerdir,” that could allow an attacker to bypass the operating system’s Transparency, Consent, and Control TCC technology, thereby gaining unauthorized access to a user’s protected data. We...