Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Attack Bypasses Mac OS X Gatekeeper

Posted by Soulskill on from the even-gatekeepers-need-lunch-breaks dept.

msm1267 writes: Mac OS X's Gatekeeper security service is supposed to protect Apple computers from executing code that's not signed by Apple or downloaded from its App Store. A researcher, however, has built an exploit that uses a signed binary to execute malicious code. Patrick Wardle, a longtime Apple hacker, said Gatekeeper performs only an initial check on an application to determine whether it came from an untrusted source and should not be executed. Using a signed binary that passes the initial check and then loads a malicious library or app from the same or relative directory, however, will get an advanced attacker onto an OS X machine. Wardle disclosed his research and proof of concept to Apple, which said it is working on a patch, and may push out a short-term mitigation in the meantime.

1 of 66 comments (clear)

  1. History repeats itself? by aicrules · · Score: 3, Funny

    So even without the little pi symbol Gatekeeper is still full of holes.