Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS Sierra operating system that could allow a malicious application installed on the targeted system to virtually “click” objects without any user interaction or consent. Wardle explains: “Via a single click, countless security mechanisms can be completely bypassed. Run untrusted app? Click…allowed. Authorize keychain access? Click…allowed. Load 3rd-party kernel extension? Click…allowed. Authorize outgoing network connection? Click…allowed.”
Wardle described his research into “synthetic” interactions with a user interface (UI) as “The Mouse is Mightier than the Sword,” showcasing an attack that’s capable of ‘synthetic clicks’—programmatic and invisible mouse clicks that are generated by a software program rather than a human.
macOS itself offers synthetic clicks as an accessibility feature that lets disabled people interact with the system interface in non-traditional ways, but Apple has put some limitations in place to block malware from abusing these programmed clicks.
Wardle accidentally discovered that High Sierra incorrectly interprets two consecutive synthetic mouse “down” events as a legitimate click, allowing attackers to programmatically interact with security warnings that ask users to choose between “allow” and “deny”, and so to access sensitive data or features.
“The user interface is that single point of failure,” says Wardle. “If you have a way to synthetically interact with these alerts, you have a very powerful and generic way to bypass all these security mechanisms.”
Although Wardle has not yet published technical details of the flaw, he says the vulnerability can potentially be exploited to dump all passwords from the keychain or load malicious kernel extensions by virtually clicking “allow” on the security prompt, gaining full control of a target machine.
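The condition described above, two consecutive synthetic “down” events with no “up” between them, is an unusual input sequence that a defender can look for in captured input telemetry. The following is an added example, not code from Wardle or Apple; the event record layout (the `synthetic` flag and posting `pid`) and the sample events are constructed assumptions, not a real macOS log format.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class MouseEvent:
    ts: float        # seconds since capture start
    kind: str        # "down" or "up"
    button: str      # "left" or "right"
    synthetic: bool  # assumption: capture layer marks program-generated events
    pid: int         # assumption: posting process id, 0 for hardware input


def find_double_downs(events):
    """Return (first, second) pairs where a button received two synthetic
    "down" events in a row with no "up" in between."""
    pending = {}   # button -> most recent unmatched "down"
    findings = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "up":
            pending.pop(ev.button, None)
        elif ev.kind == "down":
            prev = pending.get(ev.button)
            if prev is not None and prev.synthetic and ev.synthetic:
                findings.append((prev, ev))
            pending[ev.button] = ev
    return findings


# Constructed sample capture.
SAMPLE = [
    MouseEvent(0.10, "down", "left", False, 0),     # hardware click
    MouseEvent(0.18, "up", "left", False, 0),
    MouseEvent(1.00, "down", "left", True, 311),    # assistive tool, well-formed
    MouseEvent(1.05, "up", "left", True, 311),
    MouseEvent(2.00, "down", "left", True, 4242),   # down ...
    MouseEvent(2.01, "down", "left", True, 4242),   # ... followed by down
    MouseEvent(2.50, "down", "right", True, 4242),  # well-formed right click
    MouseEvent(2.60, "up", "right", True, 4242),
]

if __name__ == "__main__":
    for first, second in find_double_downs(SAMPLE):
        print(f"pid {second.pid}: synthetic down at {first.ts:.2f}s and "
              f"{second.ts:.2f}s on {second.button} button with no up between")
```
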