A security researcher says flaws in Apple’s Gatekeeper application validation system remain available to exploit, despite Apple patching some vectors he disclosed on September 30 in security updates released in November and December.

“It took me literally five minutes to completely bypass,” says Patrick Wardle, director of research at Synack. He’s not just talking about the problem: He’s also released a tool to block the unpatched pathways to exploitation. To make use of this flaw, a legitimate app has to be modified by a malicious party and then distributed or swapped in when a user thinks the correct package is being downloaded. That said, it remains a reasonable concern.

An Apple spokesperson tells Macworld that it has added the latest specific unsigned app components identified by Wardle to its XProtect list, preventing their launch, and has engaged in productive discussions. The company says it continues to work on improving the security of Gatekeeper.

Apple designed Gatekeeper to provide a heightened level of integrity around Mac apps from registered developers without restricting all downloads to the Mac App Store. With the Security & Privacy system preference pane’s Allows Apps Downloaded From set to Mac App Store and Identified Developers, only apps in that latter category that have been cryptographically signed by a certificate issued by Apple should launch, and only after given the prompt that you’re launching software that was downloaded from the Internet.

Wardle’s September disclosure stated that while Apple examined the digital signature on the binary executable—the compiled software at the core of the downloaded package—Gatekeeper didn’t check other software in the package that could be executed by that binary. Wardle easily found downloadable apps from major vendors where he could swap out modules for malicious code, and Gatekeeper wouldn’t squawk. It’s important to note that these apps aren’t malicious, and don’t even follow poor programming guidelines. They’re legitimate, developer-signed OS X apps that can be tinkered with to add a malicious payload.

”Apple is going to be releasing an update to patch this, but all they’re going to do is blacklist the new binary I found.”

Macworld spoke with Wardle a few days before his updated presentation at the ShmooCon security conference on January 15, and he explained that Apple’s patches last year for his first disclosures were very thin: Rather than comprehensively fix the problem of downloaded executables, Apple blocked one vector (related to dynamic libraries) and blocked specific apps that could be subverted. Wardle reported all of this to Apple, and says “they are going to be releasing an update to patch this, but all they’re going to do is blacklist the new binary I found.” (Apple confirms the blacklisting has already occurred.)

He also remains convinced that Gatekeeper should more broadly inspect software before first launch, not just the subset that it currently examines. In his presentation, he notes that non-Apple software that downloads files from the Internet—including torrenting apps—don’t all mark these files with a “quarantine” attribute that triggers examining the Security & Privacy settings to determine what to do about it and, if it meets criteria, shows the warning that a file was downloaded and asks for your approval before proceeding.

Because Gatekeeper ignores these files, any apps downloaded in this manner bypass Gatekeeper. Malware that’s already on a system can also download executables that won’t trigger a warning. (Apple’s automatically updated XProtect library of malware signatures will still prevent specific software from launching.)

This Gatekeeper flaw still requires a big “if”: You have to download, install, and choose to launch software that’s been tampered with. That should be difficult, but there remain three ways to ne’er-do-wells to insert themselves as men-in-the-middle (MitM) and swap out a legitimate download for a maliciously modified one:

The developer’s site could be hacked, and a new download put in place that appears to be identical to the previous one. That’s always a possibility, but because Gatekeeper wouldn’t warn users downloading a suborned package, it could go unnoticed for some time. (In the Unix world, hosted files are paired with cryptographic signatures that allow a downloader to confirm the retrieved package is the one the developer distributed.)

A developer that offers downloads via http (unsecured web connections) allows an MitM at a favorable network location to swap in a modified package undetectably. Wardle says many, many OS security software vendors (not to mention those making other kinds of software) don’t use SSL/TLS over https. There’s no excuse for this, as there’s almost zero cost and no technical reason at this point to use secured web connections for downloads. (A new effort called Let’s Encrypt even allows the free creation of server certificates.)

A user downloads software from a third-party downloads or updates site. I strongly urge you to never download OS X software from anywhere except from a developer’s own site or the Mac App Store.

Wardle says Apple told him that it’s working on a more comprehensive fix, and Apple confirmed without any details that it continues to improve Gatekeeper. Until a more thoroughly preventative update is available, Wardle has released a new tool called Ostiarius that when installed prevents the launch of any unsigned program that hasn’t been specifically approved by you already.

As a long-time Apple user, Wardle remains frustrated that Apple has put partial measures in place. Because of this, he says attackers can look at Apple’s security release notes to reverse engineer what the company fixed, and see if they failed to repair it comprehensively. “Apple isn’t as proactive or aggressive about security as they should be,” he says.