Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This critical macOS flaw may leave your Mac defenseless

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

A close-up of a MacBook illuminated under neon lights.
Image used with permission by copyright holder

In simple terms, Achilles works by bypassing macOS’s Gatekeeper feature. Whenever a user downloads a Mac app, plugin, or installer that is not from Apple’s App Store, Gatekeeper checks that it is from a verified developer, is notarized by Apple to be free of malware, and hasn’t been altered. If the app passes those checks, it can run on the user’s Mac. If it fails, Gatekeeper blocks it.

Achilles, however, found a way around this protection. As laid out in a recent Microsoft blog post, macOS assigns an extended attribute called com.apple.quarantine to apps downloaded using internet browsers. Among other things, this attribute tells macOS that Gatekeeper should check the file before it can be installed.

Achilles blocks the assignment of this attribute. That means a malicious file will be able to run on macOS without ever triggering Gatekeeper, thereby side-stepping Apple’s built-in security protections.

Interestingly, Microsoft says macOS’s Lockdown Mode is no use in fighting Achilles because it is designed to solve a different problem. Lockdown Mode is a special high-security mode in macOS that protects individuals who are vulnerable to highly sophisticated cyberattacks — think journalists in repressive states, for example. Regardless of your Lockdown Mode status, you should update macOS to protect against Achilles.

The security flaw was originally discovered by Microsoft in July 2022, and was fixed by Apple in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 11.7.2 (Big Sur). It highlights the importance of keeping macOS up to date to ensure you have the latest security patches and fixes.

It’s not the first time Microsoft has spotted a macOS vulnerability and helped Apple fix it. In February 2022, for example, Microsoft issued a warning about a macOS trojan called UpdateAgent. Interestingly, this malware could also get around Gatekeeper. It shows that while Gatekeeper is an excellent piece of defensive software, it’s not bulletproof.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
macOS Sonoma public beta review: more than just screensavers
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

It’s that time of year again when Apple launches all of its new operating systems into public beta and invites a brave public to sift through bugs and crashes to find the nuggets of gold that Apple has been working on. With macOS Sonoma now in public beta, the big question is this: should you upgrade your Mac?

Well, this year’s update has been a rather modest one, with few truly standout features. After all, you know it’s an unexceptional update when Apple leads its list of new features in macOS Sonoma with screen savers.

Read more
How macOS Sonoma could fix widgets — or make them even worse
Apple's 15-inch MacBook Air on a desk, with macOS Sonoma running on its display.

At its Worldwide Developers Conference (WWDC) earlier this year, Apple revealed that interactive widgets would be coming to macOS Sonoma. That probably sounds like a tiny new feature, and sure, it’s not as earth-shattering as the Vision Pro announcement. But it could turn out to be one of the most divisive new features in the Mac operating system.

In macOS Sonoma, you’ll be able to plant widgets on your desktop instead of hiding them in the Notification Center. Many widgets will be interactive, letting you tick off to-do list items without opening the widget’s app, for example. And you’ll be able to run iOS widgets right on your desktop, even if that app isn’t installed on your Mac. It’s a pretty comprehensive overhaul. Depending on how well these interactive widgets work, though, we could be left with a bunch of annoying distractions or a set of super-helpful timesavers. The way Apple handles them is going to be vital.
We've been here before

Read more
Apple just gave Mac gamers a big reason to be excited
Craig Ferguson introducing Mac Gaming at WWDC.

When Apple announced it would revolutionize the world of Mac gaming at its Worldwide Developers Conference (WWDC) in June, many people were skeptical. But the latest update to the company’s Game Porting Toolkit has made some important changes to how games run on the Mac -- and the results are impressive.

The toolkit allows developers to move their Windows games across to macOS Sonoma. Games makers can test out how well their products run on Apple’s hardware and find out what they need to do to make the jump, something that Apple says ends up “significantly reducing the total development time.”

Read more