Apple has patched a zero-day vulnerability in macOS Big Sur 11.4 that could allow attackers to secretly capture screenshots or videos of a user's screen by hijacking existing app permissions.
The vulnerability bypasses Apple’s Transparency Consent and Control Framework, which controls which system functions applications can access, according to security researchers at Jamf, who first discovered the vulnerability discovered Jamf notes that the vulnerability appears to have been actively exploited in the wild. The company discovered the flaw while investigating a Mac malware called XCSSET that targets macOS developers via infected Xcode projects. The vulnerability could allow an attacker to take away permissions granted to other apps.
macOS Big Sur 11.4: Mojave and Catalina also receive updates
For example, a malicious app could hook into Zoom - which already has recording privileges - and record a user's screen. Jamf notes that attackers have so far only used the vulnerability to take screenshots. According to Jamf, Apple has released a patch for the vulnerability in macOS Big Sur 11.4. Along with this release on Monday, Apple also released two security updates for macOS Mojave and macOS Catalina. In a statement to Forbes, Apple emphasized that the vulnerability is only a problem for users who download programs outside of the Mac App Store. (Photo by Skorzewiak / Bigstockphoto)
