Skip to main content
  1. Home
  2. Computing
  3. News

Apple MacOS hit with yet another critical system security issue

By

Apple has been held in high regard as a company that has always been focused on the security of its product offerings; however, a new kernel flaw was recently found within the company’s MacOS desktop operating system. The latest news comes just months after a critical security flaw was shown to bypass MacOS Mojave’s system security and a massive flaw allowed eavesdropping via Apple’s FaceTime videotelephony software. This time around, the problem is at the heart of MacOS — the XNU kernel.

XNU is the operating system kernel for MacOS that has been in use as far back as the mid-1990s — a kernel is the core computer program that allows for software to communicate with a device’s hardware. The most recent flaw was discovered by the Project Zero team at Google, which aims to identify deficiencies in consumer software. According to Google, they were able to take advantage of the kernel’s copy-on-write function; this allowed the team to modify data on a disk without the entire system being aware of the change.

Recommended Videos

When a flaw is discovered, Project Zero follows a procedure where it first presents an issue to the company responsible for the software, with a set deadline before the information is released to the general public. Project Zero made Apple aware of the flaw in November 2018; however, as of February 28th, Apple has yet to patch the issue. Ben Hawkes of Project Zero does note that Apple is “intending to resolve the issue in a future release, and we’re working together to assess the options for a patch.”

Related

Google’s Project Zero is a team of industry recognized security professionals, including Jann Horn, the researcher who was critical to the discovery of both the Meltdown and Spectre vulnerabilities affecting both Intel and ARM-based processors. In regards to Apple’s problem with the MacOS XNU kernel, the team at Google has introduced a concept code solution for the challenge. The kernel of an operating system is central to all processes, and it is possible that Apple is approaching the issue with great tact, albeit a bit slow for its users. For the utmost security, be sure to always keep your copy of MacOS up to date.

Editors’ Recommendations

Topics
Michael Archambault
Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
Will my Mac get macOS 14?
MacOS Sonoma.

MacOS 14 is coming and coming soon, and thanks to Apple's big keynote address at WWDC 2023, we now know what it can do, what it's called, and who can get it. The next generation Mac operating system is codenamed Sonoma, and it's bringing gaming to macOS in a big way, as well as improving video calls, and security. It's going to be available for most modern Mac and MacBook users, but there are some legacy systems that are unfortunately being left out in the cold.

Wondering if your Mac can get macOS 14? Here's everything we know about what Macs are and aren't compatible with Sonoma.

Read more
Apple’s macOS Sonoma has a game-changing feature — literally
apple could fix mac game porting wwdc 2023 gaming 1

Apple’s Worldwide Developers Conference (WWDC) was chock-full of new announcements, and it’s fair to say that between the Vision Pro headset and all of Apple’s new Macs, macOS was far from the biggest new reveal. Yet, there was one new macOS feature that could be absolutely game-changing.

That’s because right now, Mac gaming is in a pretty bad way. Gamers don’t buy Macs because there aren’t enough good games, and developers don’t port their games to the Mac because there aren’t enough people to play them. It’s a chicken-and-egg situation caught in a death spiral.

Read more
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more