Apple macOS Vulnerability Allows Kernel-Level Compromise


‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.

Researchers discovered Shrootless when, in their analysis, they came across the daemon system_installd, which has the powerful entitlement. With this entitlement, any child process of system_installd would be able to bypass SIP filesystem restrictions altogether

Read More…