CommunityNews

Process injection: breaking all macOS security layers with a single vulnerability

Process injection: breaking all macOS security layers with a single vulnerability.
If you have created a new macOS app with Xcode 13.2, you may noticed this new method in the template:

(BOOL)applicationSupportsSecureRestorableState:(NSApplication *)app { return YES; } This was added to the Xcode template to address a process injection vulnerability we reported!
In macOS 12.0.1 Monterey, Apple fixed CVE-2021-30873. This was a process injection vulnerability affecting (essentially) all macOS AppKit-based applications. We reported this vulnerability to Apple, along with methods to use this vulnerability to escape the sandbox, elevate privileges to root and bypass the filesystem restrictions of SIP.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

View thread on forum

#macos /security

0 1308 0

2022-08-16 03:10:26 UTC

Where Next?

View thread on forum

security

macos

Home macOS>In The News

#macos /security

0 1308 0

Last post

Popular Macos topics

macOS>In The News

Cloudflare and Apple design a new privacy-friendly internet protocol

Engineers at Cloudflare and Apple say they’ve developed a new internet protocol that will shore up one of the biggest holes in internet ...

techcrunch.com

#internet /security #apple #privacy #design

2 1241 0

2020-12-08 17:49:06 UTC

New

macOS>In The News

Apple becomes first firm to hit $3tn market value

The firm’s value more than doubled during the pandemic as people bought more gadgets during lockdowns.

bbc.co.uk

#apple

0 833 0

2022-01-05 02:44:24 UTC

New

macOS>In The News

Introduction to Apple Silicon

Introduction to Apple Silicon · AsahiLinux/docs Wiki. Hardware and software docs / wiki. Contribute to AsahiLinux/docs development by cr...

github.com

#apple

0 861 0

2022-03-17 01:45:44 UTC

New

macOS>In The News

Apple Business Essentials now available for small businesses

Apple Business Essentials now available for small businesses. Thousands of small businesses in the Apple Business Essentials beta report...

apple.com

#business #apple

0 887 0

2022-04-05 12:22:34 UTC

New

macOS>In The News

Apple's M1 Ultra comes with a 32MB TLB bottleneck

twitter.com

#apple

11 1160 3

2022-04-15 14:49:25 UTC

New

macOS>In The News

Apple iPod creator warns the metaverse will encourage trolls

Tony Fadell says the virtual reality world risks damaging human interaction and creating toxicity.

bbc.co.uk

#apple #metaverse

0 869 0

2022-05-12 22:39:21 UTC

New

macOS>In The News

Introducing Accelerated PyTorch Training on Mac

Introducing Accelerated PyTorch Training on Mac. In collaboration with the Metal engineering team at Apple, we are excited to announce s...

pytorch.org

#m1

0 984 0

2022-05-19 13:02:22 UTC

New

macOS>In The News

Apple battery row: Millions of iPhone users could get payouts in legal action

The tech giant is accused of secretly slowing down the performance of older models.

bbc.co.uk

#apple #iphone

7 1078 9

2022-06-29 13:42:42 UTC

New

macOS>In The News

Why Lockdown mode from Apple is one of the coolest security ideas ever

Apple intros “extreme” optional protection against the scourge of mercenary spyware.

arstechnica.com

/security #apple

0 828 0

2022-07-08 23:13:03 UTC

New

macOS>In The News

Linus Torvalds uses an Arm-powered M2 MacBook Air to release latest Linux kernel

More people using Arm hardware will (eventually) lead to better Arm software.

arstechnica.com

#linux #arm #macbook

0 949 0

2022-08-02 13:17:22 UTC

New

Other popular topics

General Dev>Dev Chat

What dev-related stuff have you been up to?

Reading something? Working on something? Planning something? Changing jobs even!? If you’re up for sharing, please let us know what you’...

#community

1052 22171 400

2026-03-16 05:50:25 UTC

New

Game Dev>Learning Resources

Apple Game Frameworks and Technologies

Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...

pragprog.com

#pragprog #ios #game-dev #macos /swift #published-book #apple /book-apple-game-frameworks-and-technologies

30 7995 10

2021-04-22 16:51:02 UTC

New

General Dev>Code Editors

Poll: Which code editor do you use?

You might be thinking we should just ask who’s not using VSCode :joy: however there are some new additions in the space that might give V...

#community #polls /vim /emacs #code-editors /vscode #notepad /sublime-text #atom /textmate #codespaces #brackets /onivim #geany

121 5796 61

2025-09-05 00:52:19 UTC

New

Linux>Chat

RancherOS is in end of life

Oh just spent so much time on this to discover now that RancherOS is in end of life but Rancher is refusing to mark the Github repo as su...

#linux #rancheros

10 6358 6

2021-01-30 21:04:03 UTC

New

Backend>Learning Resources

Concurrent Data Processing in Elixir

Learn different ways of writing concurrent code in Elixir and increase your application's performance, without sacrificing scalability or...

pragprog.com

#pragprog /elixir #published-book /book-concurrent-data-processing-in-elixir

78 6059 24

2021-09-04 12:35:42 UTC

New

Backend>Chat

Data Structures and Algorithms with Elixir

This is going to be a long an frequently posted thread. While talking to a friend of mine who has taken data structure and algorithm cou...

/elixir #algorithms #data-structures

108 11869 31

2024-11-14 02:14:00 UTC

New

Android>Questions

Clipboard readtext not working in android webview

Inside our android webview app, we are trying to paste the copied content from another app eg (notes) using navigator.clipboard.readtext ...

#android #clipboard

1 5651 0

2022-09-27 18:52:03 UTC

New

Windows>Chat

Taskbar Overflow Menu (NOT System Tray Overflow)

There appears to have been an update that has changed the terminology for what has previously been known as the Taskbar Overflow - this h...

#taskbar-overflow-win-11

3 3715 2

2023-02-13 08:43:55 UTC

New

General Dev>In The News

Zig now has built-in HTTP server and client in std

zig/http.zig at 7cf2cbb33ef34c1d211135f56d30fe23b6cacd42 · ziglang/zig. General-purpose programming language and toolchain for maintaini...

github.com

/zig #http

0 5624 0

2023-05-19 00:35:41 UTC

New

Backend>Learning Resources

MySQL 9 Essentials

A concise guide to MySQL 9 database administration, covering fundamental concepts, techniques, and best practices. Neil Smyth MySQL...

pragprog.com

#pragprog #published-book /mysql /book-mysql-9-essentials

2 4162 0

2025-03-12 13:05:49 UTC

New

Process injection: breaking all macOS security layers with a single vulnerability

CommunityNews

Process injection: breaking all macOS security layers with a single vulnerability

Where Next?

Popular Macos topics

Cloudflare and Apple design a new privacy-friendly internet protocol

Apple becomes first firm to hit $3tn market value

Introduction to Apple Silicon

Apple Business Essentials now available for small businesses

Apple's M1 Ultra comes with a 32MB TLB bottleneck

Apple iPod creator warns the metaverse will encourage trolls

Introducing Accelerated PyTorch Training on Mac

Apple battery row: Millions of iPhone users could get payouts in legal action

Why Lockdown mode from Apple is one of the coolest security ideas ever

Linus Torvalds uses an Arm-powered M2 MacBook Air to release latest Linux kernel

Other popular topics

What dev-related stuff have you been up to?

Apple Game Frameworks and Technologies

Poll: Which code editor do you use?

RancherOS is in end of life

Concurrent Data Processing in Elixir

Data Structures and Algorithms with Elixir

Clipboard readtext not working in android webview

Taskbar Overflow Menu (NOT System Tray Overflow)

Zig now has built-in HTTP server and client in std

MySQL 9 Essentials

Latest in Security

macOS>In The News

Latest on Devtalk

We ❤️ helpful members!

Categories:

Sub Categories:

Popular Portals

We're in Beta

Process injection: breaking all macOS security layers with a single vulnerability

CommunityNews

Process injection: breaking all macOS security layers with a single vulnerability

Where Next?

Popular Macos topics

Cloudflare and Apple design a new privacy-friendly internet protocol

Apple becomes first firm to hit $3tn market value

Introduction to Apple Silicon

Apple Business Essentials now available for small businesses

Apple's M1 Ultra comes with a 32MB TLB bottleneck

Apple iPod creator warns the metaverse will encourage trolls

Introducing Accelerated PyTorch Training on Mac

Apple battery row: Millions of iPhone users could get payouts in legal action

Why Lockdown mode from Apple is one of the coolest security ideas ever

Linus Torvalds uses an Arm-powered M2 MacBook Air to release latest Linux kernel

Other popular topics

What dev-related stuff have you been up to?

Apple Game Frameworks and Technologies

Poll: Which code editor do you use?

RancherOS is in end of life

Concurrent Data Processing in Elixir

Data Structures and Algorithms with Elixir

Clipboard readtext not working in android webview

Taskbar Overflow Menu (NOT System Tray Overflow)

Zig now has built-in HTTP server and client in std

MySQL 9 Essentials

Sponsor Spotlight

Latest in Security

macOS>In The News

Latest on Devtalk

We ❤️ helpful members!

Devtalk Sponsors

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

We're in Beta