Apple Patches Zero-day Vulnerability in macOS 11.3

Apple has just released a new version of their latest operating system called "Big Sur". Along with this version 11.3 comes a slew of improvements and fixes in macOS. The most critical of the bunch is CVE-2021-30657. Discovered by Cedric Owens, this zero-day vulnerability allows attackers to get past Apple's strict anti-malware measures. For example Shlayer malware is already abusing this flaw due to this macOS vulnerability.

Apple relies on three major security features to prevent malware from infecting a device. The first two are file quarantine combined with Gatekeeper, these warn users about potentially dangerous files and check code-signing information. The third one is Application Notarization, which scans and approves software to ensure it is safe for Apple products. However, the latest zero-day macOS vulnerability is able to bypass all three of these measures, making it very effective.

One of the more well-known Apple malware called "Shlayer" has already been known to use this vulnerability, Therefore, it is critical that updates are performed as soon as possible to prevent possible infections.

A disruptive malware installer is exploiting this in the wild. There is a new variant of malware that was packaged as a bare-boned, on script based application which means that there is already malware exploiting it. Patrick Wardle explains via a video how the macOS vulnerability is exploited.

Run the macOS Vulnerability Audit Report

Our security experts have issued a dedicated macOS Audit Report that gives you an overview of all affected devices and their patch status.

macOs Anti-Malware Report
Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​