Microsoft Details macOS Vulnerability That Could Bypass SIP

Microsoft has provided details on a new macOS vulnerability, one that could be used to bypass System Integrity Protection (SIP)....
Microsoft Details macOS Vulnerability That Could Bypass SIP
Written by WebProNews
  • Microsoft has provided details on a new macOS vulnerability, one that could be used to bypass System Integrity Protection (SIP).

    SIP is a key component in macOS security, ensuring the system cannot run unauthorized code or applications. According to Microsoft, a bug in the macOS migration process could be used to bypass SIP altogether.

    The company outlined its findings in a blog post:

    A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device.

    Microsoft’s entire blog post outlining the steps they took to find and evaluate the vulnerability is a very lengthy read. However, there are several potential ramifications:

    • A SIP exploit can be used to create undetectable malware.
    • SIP exploits provide a path “for attackers to gain arbitrary kernel code execution.”
    • SIP exploits can allow hackers to enable rootkits and bypass anti-tampering measures.
    • Such exploits can be used to bypass Transparency, Consent, and Control (TCC) policies.

    Microsoft has already notified Apple, and a fix was included in the May 18, 2023 security update. Needless to say, all users should update immediately.

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit