Google Project Zero, the tech giant’s security research unit known for sniffing out bugs and security flaws within systems, have discovered a major flaw in the macOS kernel.

The team has disclosed a “high severity” macOS kernel flaw that “grants an attacker to modify a user-owned mounted filesystem without the macOS memory manager’s knowledge.” In other words, a hacker can gain complete control of a user’s macOS system.

Apparently, Google disclosed the flaw to Apple back in November 2018. Project Team Zero’s 90-day disclosure policy means that the flaw is now public and Apple, despite having 90 days to fix the issue, hasn’t done so yet. Google has labelled the issue as “high vulnerability.”

As detailed in the Chromium bug tracker, the Project Zero team explained that they found a loophole in the copy-on-write (CoW) protection system of macOS which manages the computer’s memory and ensures that a process doesn’t change the data shared by other processes.

“This copy-on-write behaviour works not only with anonymous memory but also with file mappings. This means that after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem. This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug,” the Google Project Zero Team stated.

Reports noted that this bug could be potentially used to exploit target macOS systems and may prove useful to cyber miscreants in ‘wider exploit chains.’

But while this flaw is said to affect any Apple laptop or desktop running macOS, 9to5Google reported that Apple has acknowledged the issue and has begun working with Google’s Project Zero team to fix the flaw. As per the report, Apple is expected to patch the issue in “a future macOS release.” However, there’s no specific timeline for this.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error: Unauthorized Content Copy Is Not Allowed
Scroll to Top
%d bloggers like this: