Skip to main content
  1. Home
  2. Computing
  3. News

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This critical exploit could let hackers bypass your Mac’s defenses

By

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.
Sora Shimazaki / Pexels

If a piece of malware can simply sneak past SIP, though, it can do untold damage — and that’s just what Migraine is capable of.

Recommended Videos

Ordinarily, the only way to disable SIP is to restart your Mac in Recovery mode, enter a specific command into the Terminal, then restart again. That means you need to be present in front of the computer in question, which on the surface should make exploits like Migraine untenable.

Related

However, Migraine doesn’t actually require physical access to the target device, meaning a hacker could activate it remotely and gain unauthorized admission to the most sensitive parts of your Mac.

Instead, Migraine abuses macOS’ built-in Migration Assistant utility, which contains SIP-bypassing capabilities. Microsoft’s researchers found that a person can automate the utility’s migration process with AppleScript, add a malicious payload to the SIP exclusions list, then launch it on the target Mac. All of this could be done without restarting the computer or booting from macOS Recovery mode.

Update your Mac now

Window's new Microsoft Security Experts program works to protect users from cybercrime using.
Windows

Getting past the protections offered up by SIP gives malware writers significant powers to harm your Mac. They could bypass Apple’s Transparency, Consent, and Control (TCC) policies, for example, which would grant them access to your private data. Or they could craft SIP-protected malware that can’t be deleted using normal methods.

That all makes this vulnerability a very high priority to get fixed. Fortunately, Apple and Microsoft have been working hand in hand to do just that. Microsoft alerted Apple as soon as it discovered the vulnerability, and Apple was able to quickly roll out a fix in various updates: macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7, all of which were released on May 18.

It’s not the first time that an exploit has been found that can access extremely important data on your Mac. If anything, Migraine illustrates exactly why you should always keep your Mac up to date and install security fixes as soon as they become available. Doing that should help you stay on top of headache-inducing threats like Migraine.

Editors’ Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
This major Apple bug could let hackers steal your photos and wipe your device
A physical lock placed on a keyboard to represent a locked keyboard.

Apple’s macOS and iOS are often considered to be more secure than their rivals, but that doesn’t make them invulnerable. One security team recently proved that by showing how hackers could exploit Apple’s systems to access your messages, location data, and photos -- and even wipe your device entirely.

The discoveries were published on the blog of security research firm Trellix, and will be of major concern to iOS and macOS users alike, since the vulnerabilities can be exploited on both operating systems. Trellix explains that Apple patched the exploits in macOS 13.2 and iOS 16.3, which were released in January 2023, so you should update your devices as soon as you can.

Read more
Yes, you can use both Mac and Windows — here are some tips to get started
The keyboard of the MacBook Pro 14-inch on a wood surface.

I'm not a typical Windows or Mac user. Where most people choose one operating system and stick with it, I use both Windows 11 and MacOS regularly, going back and forth daily depending on my workflow. And it's easier to do than you probably think.

I have a fast Windows 11 desktop with three 27-inch 4K displays, and I use that for all my research-intensive work that benefits from multiple monitors. But for writing simple copy, and for personal tasks, I use a MacBook Pro 14 M1 Pro simply because I like it so much. It's not MacOS that draws me to the machine, but its battery life, cool yet quick operation, excellent keyboard and touchpad, and awesome HDR display. To stay sane, I've worked out a few tricks and techniques to make the constant switching bearable. Here's what I've learned.
Adjust to your keyboards

Read more
This critical macOS flaw may leave your Mac defenseless
A close-up of a MacBook illuminated under neon lights.

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

Read more