Microsoft This Macos Bug Could Bypass Controls And Access Private User Data
The ‘powerdir’ bug, which Apple fixed in its December 13 update for macOS up to Monterey, lets an attacker bypass TCC to gain access to a user’s protected data. The bug was discovered by Microsoft security researcher Jonathan Bar Or. Microsoft is interested in macOS security because Defender for Endpoint can be used in an enterprise to protect non-Windows devices. Microsoft’s 365 Defender Research Team noted in a blog post that Apple introduced a feature to protect TCC that “prevents unauthorized code execution and enforced a policy that restricts access to TCC to only apps with full disk access....