There's An Easy Way For Attackers To Bypass Apple's Anti-Malware Feature On OS X

A quick and easy way to trick Apple's anti-malware feature, Gatekeeper, into letting malicious files through on machines running Mac OS X has been found. Oh, the irony.

Gatekeeper is a Mac OS X feature that restricts which applications can run depending on their origin. By default, Gatekeeper only allows applications downloaded from the Mac App Store or from developers vetted by Apple to run, but you can tone down the restrictions manually.

The Gatekeeper vulnerability, found by security researcher Patrick Wardle, lets attackers bundle a legitimate app with a hidden malicious file in the same directory to get through the restrictions. Classic Trojan Horse style.

This method has been confirmed to work on Gatekeeper on OS X Yosemite and the latest beta version of El Capitan. The final version of El Capitan just launched today. Apple is aware of this bug and is working on a quick fix until they can release a full patch. In the meantime, if you're a Mac OS X user, exercise caution when installing applications on your machine.
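A defender-side check for the layout described above, as an added example that is not from the original article or from the researcher: it lists hidden entries sitting beside an app bundle in a downloaded folder or mounted image. Treating "hidden" as a dot-prefixed name or the macOS hidden flag is an assumption, as are the function names and the constructed sample layout.

```python
import os
import stat
import tempfile

def is_hidden(path):
    """Assumed definition: dot-prefixed name, or the macOS UF_HIDDEN flag."""
    if os.path.basename(path).startswith("."):
        return True
    # st_flags only exists on macOS/BSD; elsewhere fall back to 0.
    flags = getattr(os.lstat(path), "st_flags", 0)
    return bool(flags & stat.UF_HIDDEN)

def hidden_siblings_of_apps(root):
    """Map each visible .app bundle under root to the hidden entries beside it."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        entries = [os.path.join(dirpath, n) for n in dirnames + filenames]
        apps = [p for p in entries
                if p.endswith(".app") and os.path.isdir(p) and not is_hidden(p)]
        hidden = sorted(p for p in entries if is_hidden(p))
        if apps and hidden:
            for app in apps:
                findings[app] = hidden
        # Do not descend into bundles: only content beside them matters here.
        dirnames[:] = [d for d in dirnames if not d.endswith(".app")]
    return findings

def build_sample(root):
    """Constructed sample layout standing in for a downloaded folder."""
    os.makedirs(os.path.join(root, "Clean", "Editor.app", "Contents"))
    os.makedirs(os.path.join(root, "Suspect", "Installer.app", "Contents"))
    os.makedirs(os.path.join(root, "Suspect", ".support"))
    with open(os.path.join(root, "Suspect", ".helper"), "w") as f:
        f.write("constructed placeholder\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for app, hidden in hidden_siblings_of_apps(tmp).items():
            # Benign hits such as .DS_Store are expected; review, don't auto-block.
            print(app, "->", [os.path.basename(h) for h in hidden])
```

A hit is a prompt for review rather than a verdict, since benign hidden files such as `.DS_Store` commonly sit next to app bundles.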

[Via Symantec Security Response blog]


    Don't install shit. Don't click on shit. This applies to every platform and will keep 95% of stuff at bay.
