OS X High Sierra Zero-Day Announced

Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS Sierra operating system that could allow a malicious application installed on the targeted system to virtually “click” objects without any user interaction or consent. Wardle explains: “Via a single click, countless security mechanisms can be completely bypassed. Run untrusted app? Click…allowed. Authorize keychain access? Click…allowed. Load 3rd-party kernel extension? Click…allowed. Authorize outgoing network connection? Click…allowed.”

Wardle described his research into “synthetic” interactions with a user interface (UI) as “The Mouse is Mightier than the Sword,” showcasing an attack that relies on ‘synthetic clicks’: programmatic and invisible mouse clicks that are generated by a software program rather than a human.
macOS itself offers synthetic clicks as an accessibility feature so that disabled people can interact with the system interface in non-traditional ways, but Apple has put some limitations in place to block malware from abusing these programmed clicks.

Wardle accidentally discovered that High Sierra incorrectly interprets two consecutive synthetic mouse “down” events as a legitimate click, allowing attackers to programmatically interact with security warnings that ask users to choose between “allow” or “deny”, and so access sensitive data or features.
“The user interface is that single point of failure,” says Wardle. “If you have a way to synthetically interact with these alerts, you have a very powerful and generic way to bypass all these security mechanisms.”
Although Wardle has not yet published technical details of the flaw, he says the vulnerability can potentially be exploited to dump all passwords from the keychain or load malicious kernel extensions by virtually clicking “allow” on the security prompt, and so gain full control of a target machine.
