Microsoft has issued an urgent warning to millions of Apple users about a dangerous hacking threat that could grant attackers unauthorized access to sensitive data on macOS devices. This includes access to browsed webpages, the device’s camera, microphone, and location, all without the user’s consent or knowledge. The vulnerability affects macOS users who manage their devices via Mobile Device Management (MDM).
It forces a bypass of the device’s Transparency, Consent, and Control (TCC) protection. This allows Safari to access device data that it shouldn’t and then deliver that data to an attacker. Microsoft has reported its findings to Apple, which has released a fix identified as CVE-2024-44133 as part of security updates for macOS Sequoia.
All macOS users are highly recommended to update their machines immediately to protect against this threat.
macOS security threat alert
The issue with TCC is that some Apple applications, like Safari, have private entitlements that bypass normal TCC access checks.
This includes access to sensitive functions such as the camera, microphone, screen, and personal data. Microsoft warns that in a real scenario, an attacker could save a camera stream, record microphone input, and get access to the device’s location stealthily. Users of third-party browsers on Apple devices, such as Google Chrome, Mozilla Firefox, or Microsoft Edge, are not at the same risk since these browsers do not have the same private entitlements and cannot bypass TCC checks.
Apple has now hardened Safari to prevent modifications to these configuration files. Microsoft is also collaborating with other major browser vendors to investigate the benefits of hardening local configuration files. Microsoft strongly encourages macOS users to apply these security updates as soon as possible to protect their devices and data from potential exploitation.
For further developments, stay tuned and ensure your systems remain updated.
