The popular macOS expert and former NSA hacker has discovered a zero-day vulnerability in macOS on Mojave ‘s release day.

It is always Patrick Wardle, this time the popular expert and former NSA hacker has found a zero-day flaw in macOS on Mojave ‘s release day.

According to the expert, the implementation bug can be exploited to access sensitive user data, including information in the address book.

The vulnerability resides in the implementation of the privacy-protection mechanisms for sensitive data.

The user data protection measures introduced in macOS Mojave force the users to provide the explicit consent for access sensitive data and files (i.e. location services, contacts, calendars, photos).

Applications can no longer do this automatically by simulating human input with synthetic clicks. Apple’s latest OS displays an authorization request for direct user interaction.

In order to improve the user experience, the OS allows the user to pre-authorize the apps they want to allow access to the sensitive data.

This is possible by adding them to the system’s Application Data category in the System Preferences, Security & Privacy panel.

Wardle was able to access the sensitive data using an unprivileged app.

“I found a trivial, albeit 100% reliable flaw in their implementation,” he told Bleeping computer.

Wardle explained that the exploitation of the zero-day issue only works on Mojave’s new privacy protection features.

Mojave's 'dark mode' is gorgeous 🙌

…but its promises about improved privacy protections? kinda #FakeNews 😥 0day bypass:https://t.co/rRf8t7C7Zf btw if anybody has a link to 🍎's macOS bug bounty program I'd 💕 to report this & other 0days -donating any payouts to charity 🙏 — patrick wardle (@patrickwardle) September 24, 2018

Below the video PoC published by Wardle, it shows the expert that tries to copy the content of the address book and denies the operation when the operating system asks for permission. Wardle then uses an unprivileged app that allows him to access the address book data.

Wardle plans to present technical details of the zero-day flaw in the upcoming Mac Security conference in Maui, Hawaii, in November.

Pierluigi Paganini

(Security Affairs – zero-day, Mojave)

Share this...

Linkedin Reddit Pinterest

Share On