Google Safety Team found Apple MacOS Major Security Vulnerability

In November last year, Google’s Project Zero team found that there is a “serious” vulnerability in Apple Macos kernel, which recently disclosed after the 90-day window period expired.

Google explained that the vulnerability allows an attacker to modify the mount file system image owned by the user without notifying the virtual management subsystem, which means that hackers can modify the file system image without knowing the user.

According to Google, Apple has not yet solved this problem. Some foreign media contact Apple in this issue and there is currently no solution. Apple intends to solve this problem in the future version update.

Project Zero is Google’s Internet Security Team, which usually provides detailed information to the corresponding manufacturers after discovering security vulnerabilities, and provides 90 days before disclosure. But this time, Apple was told in November last year, and the time of 90 days has passed, but it has not been repaired.

Currently, Mac users should be careful that they are downloading, ensuring only from trusted sites to avoid similar attacks. It is currently unclear whether this vulnerability is easily utilized, but Google marks it as “serious” because it may bypass MacOS security measures.