"Details Released for Recently Patched new macOS Archive Utility Vulnerability"

Security researchers have disclosed information about a now-resolved security flaw in Apple's macOS operating system that could be exploited to run malicious applications in a way that circumvents Apple's security measures. The vulnerability, tracked under CVE-2022-32910, stems from the built-in Archive Utility and could allow the execution of an unsigned and unnotarized application without displaying security prompts to the user by using a specially crafted archive, according to an analysis by Apple device management firm Jamf. Apple described the flaw as a logic flaw that could allow an archive file to bypass Gatekeeper checks, which are intended to ensure that only trusted software runs on the operating system. This is accomplished by verifying that the downloaded package is from a legitimate developer and has been notarized by Apple. This article continues to discuss the recently patched vulnerability found in the macOS built-in Archive Utility.

THN reports "Details Released for Recently Patched new macOS Archive Utility Vulnerability"