macOS>In The News

Process injection: breaking all macOS security layers with a single vulnerability

CommunityNews

CommunityNews

Process injection: breaking all macOS security layers with a single vulnerability

Process injection: breaking all macOS security layers with a single vulnerability.
If you have created a new macOS app with Xcode 13.2, you may noticed this new method in the template:

  • (BOOL)applicationSupportsSecureRestorableState:(NSApplication *)app { return YES; } This was added to the Xcode template to address a process injection vulnerability we reported!
    In macOS 12.0.1 Monterey, Apple fixed CVE-2021-30873. This was a process injection vulnerability affecting (essentially) all macOS AppKit-based applications. We reported this vulnerability to Apple, along with methods to use this vulnerability to escape the sandbox, elevate privileges to root and bypass the filesystem restrictions of SIP.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

View thread on forum
#macos/security
0 1308 0

Where Next?

View thread on forum
security
macos
Home macOS>In The News
#macos/security
0 1308 0
Last post

Popular Macos topics Top

First poster: AstonJ
macOS>In The News

A piece of cloth to clean your Apple devices will cost you $19
A piece of cloth to clean your Apple devices will cost you $19. Yes, Apple wants you to pay extra for a single cloth.
theverge.com
#apple
21 1181 6
New
First poster: bot
macOS>In The News

Google 'colluded' with Facebook to bypass Apple privacy
Google ‘colluded’ with Facebook to bypass Apple privacy. Amended Texas complaint alleges backroom efforts to maintain ad dominance and m...
theregister.com
#apple#privacy#google#facebook
2 1031 0
New
First poster: bot
macOS>In The News

Apple announces self-service repair scheme in win for campaigners
Users with the know-how will be able to order and replace iPhone screens and parts.
bbc.co.uk
#scheme#apple
2 1016 0
New
First poster: AstonJ
macOS>In The News

CodeEdit: Building a free, open-source code editor for macOS
GitHub - CodeEditApp/CodeEdit: CodeEdit App for macOS – Elevate your code editing experience. Open source, free forever… CodeEdit App fo...
github.com
#macos#code
11 1308 3
New
First poster: bot
macOS>In The News

Mac Mini + iPad Mini = touchscreen Mac
No keyboard or mouse, though.
arstechnica.com
#ipad
0 814 0
New
First poster: AstonJ
macOS>In The News

Moving a macOS window by clicking anywhere on it
Moving a macOS window by clicking anywhere on it (like on Linux). Today I learned that since macOS High Sierra onwards you can move a wi...
mmazzarolo.com
#macos
8 922 5
New
First poster: bot
macOS>In The News

Apple's director of machine learning resigns due to return to office work
Apple’s Director of Machine Learning Resigns Due to Return to Office Work. Apple’s director of machine learning, Ian Goodfellow, has res...
macrumors.com
#office#apple#learning
0 929 0
New
First poster: bot
macOS>In The News

M2 MacBook Pro’s 256GB SSD is only about half as fast as the M1 version’s
Higher-capacity versions of the new MacBook Pro don’t seem to be affected.
arstechnica.com
#ssd#macbook
0 972 0
New
First poster: bot
macOS>In The News

Apple's claim is that it bans other browsers for security
twitter.com
/security#apple#browsers
0 834 0
New
First poster: bot
macOS>In The News

Apple and Google face gaming and mobile browser probe
The UK competition watchdog launches a market investigation into cloud gaming and mobile browsers.
bbc.co.uk
#mobile#gaming#apple#google#browser
0 986 0
New

Other popular topics Top

Devtalk
General Dev>Dev Chat

What dev-related stuff have you been up to?
Reading something? Working on something? Planning something? Changing jobs even!? If you’re up for sharing, please let us know what you’...
#community
1045 20892 392
New
PragmaticBookshelf
Game Dev>Learning Resources

The Ray Tracer Challenge
Brace yourself for a fun challenge: build a photorealistic 3D renderer from scratch! In just a couple of weeks, build a ray tracer that r...
pragprog.com
#pragprog#published-book/book-the-ray-tracer-challenge#algorithms
3 6115 0
New
brentjanderson
General Dev>Hardware

Moonlander Keyboard (Mechanical) (Ergonomic) (Split) (Ortholinear)
Bought the Moonlander mechanical keyboard. Cherry Brown MX switches. Arms and wrists have been hurting enough that it’s time I did someth...
#hardware/keyboards#moonlander#mechanical-keyboards#ortholinear#ergonomic
212 17779 90
New
AstonJ
General Dev>Hardware

Planck vs Preonic vs Subatomic (Keyboards)
I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me. I think the Planck and the Preonic (o...
/keyboards#mechanical-keyboards#ortholinear#planck#preonic
105 17596 47
New
AstonJ
macOS>Chat

How to block any website on Mac using Little Snitch
If you want a quick and easy way to block any website on your Mac using Little Snitch simply… File > New Rule: And select Deny, O...
#macos#how-to#littlesnitch
5 11227 3
New
First poster: CommunityNews
AI>In The News

How to fix the eyes in AI-generated images
aidemos.info
0 4508 0
New
husaindevelop
Android>Questions

Clipboard readtext not working in android webview
Inside our android webview app, we are trying to paste the copied content from another app eg (notes) using navigator.clipboard.readtext ...
#android#clipboard
1 5651 0
New
AstonJ
AI>Chat

Post your DeepSeek results
Curious what kind of results others are getting, I think actually prefer the 7B model to the 32B model, not only is it faster but the qua...
/deepseek
15 4275 15
New
PragmaticBookshelf
Backend>Learning Resources

MySQL 9 Essentials
A concise guide to MySQL 9 database administration, covering fundamental concepts, techniques, and best practices. Neil Smyth MySQL...
pragprog.com
#pragprog#published-book/mysql/book-mysql-9-essentials
2 4162 0
New
mindriot
General Dev>Reviews

Keyboard Review: UHK60V2 vs Defy vs Voyager vs Glove80 vs Svalboard
Ok, well here are some thoughts and opinions on some of the ergonomic keyboards I have, I guess like mini review of each that I use enoug...
/keyboards#uhk60v2#defy#voyager#glove80#svalboard
5 5681 7
New
Back to top

Sponsor Spotlight

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Latest in Security

Security Portal

macOS>In The News

macOS In The News

Latest on Devtalk

Devtalk

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Member of the Month

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Honeybadger

Real-time error tracking, performance insights, and observability for devs.

EEF

Supporting innovation across the BEAM ecosystem.

coders51

We build reliable cloud platforms for business-critical systems.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Honeybadger

Real-time error tracking, performance insights, and observability for devs.

EEF

Supporting innovation across the BEAM ecosystem.

coders51

We build reliable cloud platforms for business-critical systems.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

We're in Beta

About us Mission Statement See our Roadmap