Microsoft finds macOS bug that lets hackers bypass SIP root restrictions


Apple has patched a vulnerability that allowed attackers with root access to install undeletable malware, evade System Integrity Protection (SIP), and gain access to the victims private data by evading Transparency, Consent, and Control (TCC) security procedures.

The vulnerability, code-named Migraine, was found and reported to Apple by a group of Microsoft security researchers. It is now listed as CVE-2023-32369. The issue has been fixed by Apple in security upgrades for the May 18-released versions of macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7.

Read More…