News

Leak allowed attacker to take over macOS system with USB drive

By admin
Spread the love

Japanese security firm Trend Micro has released details of a vulnerability patched by Apple in October. The leak made it possible to take over a vulnerable system with a malicious memory carrier, such as a USB drive or SD card.

According to the company, the vulnerability with attribute CVE-2017-13811 was present in the macOS component fsck_msdos. That is a tool that checks connected devices for errors if they are formatted in the FAT file system. Once such a peripheral is connected, the tool will run. The company found out that the vulnerability made it possible to execute code at the system level by using, for example, a malicious USB stick.

The vulnerable code is also present in other operating systems, including Android and BSD-based systems, according to Trend Micro. The company notified the various developers but received no response. Google said it won’t fix the vulnerability because the tool runs on Android “within a very limited SELinux domain.” This is a technique that allows you to manage what is allowed to run on a system and allows users to set access permissions based on mandatory access controls.

Trend Micro has not yet encountered the attack “in the wild.” Requiring a USB drive or other storage medium for the attack, physical access to a vulnerable device is required to execute it. Apple has since patched the leak, describing the consequences as “executing arbitrary code at the system level.”

You might also like
News

Apple has been working on its own search engine for years. It’s called…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones