iOS/macOS TCC Bypass Vulnerability Patched

A serious vulnerability (CVE-2024-44131) in Apple's Transparency, Consent, and Control (TCC) system was recently patched. This flaw allowed malicious apps to access sensitive user data, including photos, location, contacts, and health data, without triggering any notifications or consent prompts. The vulnerability also granted access to the microphone and camera.

How the Exploit Worked

The exploit used symlinks to manipulate file operations within iOS. During file copies or moves within the Files app, a malicious app could intercept and redirect files without triggering a TCC prompt. This allowed access to private data, including iCloud files and data from apps like WhatsApp and Pages.
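
A generic POSIX illustration of the symlink-redirection class described above, added here as an example; it is not Apple's fix and not code from the original report. It contrasts a path-based open, which follows a link placed where a file is expected, with an open made relative to a directory descriptor using `O_NOFOLLOW` plus a check on the opened object. The file names and the temporary fixture are constructed.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: a path-based open silently follows a symlink at `name`. */
static int open_following(int dirfd, const char *name) {
    return openat(dirfd, name, O_RDONLY | O_CLOEXEC);
}

/* Hardened: resolve relative to an already-open directory, refuse a symlink
 * as the final component, then check the opened object, not the path. */
static int open_nofollow(int dirfd, const char *name) {
    struct stat st;
    int fd = openat(dirfd, name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;                      /* fails when name is a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed fixture: temp dir with a regular file and a symlink to it.
 * Result bits: 1 = regular file opens with the hardened call,
 * 2 = weak call follows the link, 4 = hardened call rejects the link. */
int symlink_demo(void) {
    char dir[] = "/tmp/symlink-demo-XXXXXX";
    int result = 0, fd, dfd;
    if (!mkdtemp(dir) || (dfd = open(dir, O_RDONLY | O_DIRECTORY)) < 0)
        return -1;
    fd = openat(dfd, "private.txt", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || symlinkat("private.txt", dfd, "export.txt") != 0)
        return -1;
    close(fd);
    if ((fd = open_nofollow(dfd, "private.txt")) >= 0) { result |= 1; close(fd); }
    if ((fd = open_following(dfd, "export.txt")) >= 0) { result |= 2; close(fd); }
    if (open_nofollow(dfd, "export.txt") < 0) result |= 4;
    unlinkat(dfd, "export.txt", 0);
    unlinkat(dfd, "private.txt", 0);
    close(dfd);
    rmdir(dir);
    return result;
}

int main(void) { return symlink_demo() == 7 ? 0 : 1; }
```

`O_NOFOLLOW` only guards the final path component, which is why the hardened call resolves the name against a directory descriptor instead of a full path string.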

Impact and Patch

The vulnerability affected iOS and macOS. While there's no confirmation of active exploitation, it posed a significant threat due to its stealthy nature. Apple patched the vulnerability in the initial releases of iOS 18 and macOS 15 in September.

Other Security News

  • A new app allows users to scan their iPhones for Pegasus spyware for a nominal fee.
  • Moonlock Lab's 2024 Threat Report highlights the use of AI tools in malware creation and the rise of Malware-as-a-Service (MaaS).
  • Apple's Passwords app now has a Firefox extension for Mac, seemingly developed by a third party and later adopted by Apple.
  • Mosyle discovered new Mac malware loaders written in unconventional programming languages to evade detection.