12:51
Apple removes WhatsApp and others from China App Store
12:39
Meta releases Llama 3 and claims it's one of the best open models available
19:51
Introducing Kaspersky Thin Client 2.0
15:55
Binance secures full crypto license in Dubai
12:54
Twitch unveils new discovery feed for livestreams and Clips
12:37
Boston Dynamics reveals next generation of humanoid robots Atlas
12:51
Apple removes WhatsApp and others from China App Store
12:39
Meta releases Llama 3 and claims it's one of the best open models available
19:51
Introducing Kaspersky Thin Client 2.0
15:55
Binance secures full crypto license in Dubai
12:54
Twitch unveils new discovery feed for livestreams and Clips
12:37
Boston Dynamics reveals next generation of humanoid robots Atlas
12:51
Apple removes WhatsApp and others from China App Store
12:39
Meta releases Llama 3 and claims it's one of the best open models available
19:51
Introducing Kaspersky Thin Client 2.0
15:55
Binance secures full crypto license in Dubai
12:54
Twitch unveils new discovery feed for livestreams and Clips
12:37
Boston Dynamics reveals next generation of humanoid robots Atlas
12:51
Apple removes WhatsApp and others from China App Store
12:39
Meta releases Llama 3 and claims it's one of the best open models available
19:51
Introducing Kaspersky Thin Client 2.0
15:55
Binance secures full crypto license in Dubai
12:54
Twitch unveils new discovery feed for livestreams and Clips
12:37
Boston Dynamics reveals next generation of humanoid robots Atlas
Microsoft has identified a critical vulnerability in macOS that could allow attackers to bypass the System Integrity Protection (SIP) feature, leading to potential arbitrary code execution on affected devices.
The exploit, dubbed "Migraine," uses specific permissions in the macOS Migration Assistant to gain unrestricted root access and manipulate system files. This SIP security issue poses a serious threat because it allows malware and rootkits to be installed.
Typically, the Migration Assistant is only accessible during the initial setup of a new user account, requiring physical access and a complete system sign-out. However, Microsoft researchers have demonstrated a method to bypass these limitations. By modifying the Migration Assistant and running the Setup Assistant in debug mode, they were able to bypass the setup process and gain access to the vulnerable tool.
To further exploit the vulnerability, a small malicious Time Machine backup was created and automatically mounted, seamlessly importing the compromised data without user detection.
Upon discovering the "Migraine" exploit, Microsoft notified Apple, which promptly addressed the issue with the macOS 13.4 update, released on May 18. Users are urged to update their Macs to the latest version of macOS Ventura immediately to ensure their systems are protected.
Editor’s pick
