"macOS Vulnerability Could Expose User Data, Microsoft Warns"

Microsoft has recently uncovered a macOS vulnerability that can enable attackers to gain access to users' protected data and warned active exploitation may be taking place.  Microsoft dubbed the flaw "HM Surf," which allows attackers to bypass the operating system's Transparency, Consent, and Control (TCC) technology to access sensitive user data, including browsed pages and the device's camera, microphone, and location.  The vulnerability is identified as CVE-2024-44133, with a medium severity rating.  Microsoft said it shared its findings with Apple, which released a fix as part of security updates for macOS Sequoia on September 16, 2024.  macOS users are urged to apply the updates as soon as possible since Microsoft detected potential exploitation activity associated with Adload, a prevalent macOS malware family.

Infosecurity Magazine reports: "macOS Vulnerability Could Expose User Data, Microsoft Warns"