Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS
macOS Gatekeeper Bypass Vulnerability
GateKeeper is a security feature built into Apple macOS that enforces code signing and verifies downloaded applications before allowing them to run, helping users protect their systems from malware and other malicious software.
That means, if you download an application from the Internet, GateKeeper will only allow it to execute without any warnings if it has been signed with a valid Apple-issued certificate, otherwise it will prompt you to allow or deny the execution.
Filippo Cavallarin, an independent security researcher, responsibly reported his findings to Apple on February 22 but decided to go public late last month after the company failed to patch the issue within the 90 days disclosure deadline and started ignoring his emails.
Until Apple patches this issue, researcher advised network administrators to block NFS communications with external IP addresses, and for home users, it is always important to not open email attachments from an unknown, suspicious, or untrustworthy source.
As always, if you need help feel free to call me at (636) 542-8652.
For free tech & security Tips and Tricks, text JOIN to 636-695-8378
Read the full article by Mohit Kumar HERE.
Original post date: June 25, 2019