Skip to main content
  1. Home
  2. Computing
  3. News

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This critical macOS flaw may leave your Mac defenseless

By

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

A close-up of a MacBook illuminated under neon lights.
Image used with permission by copyright holder

In simple terms, Achilles works by bypassing macOS’s Gatekeeper feature. Whenever a user downloads a Mac app, plugin, or installer that is not from Apple’s App Store, Gatekeeper checks that it is from a verified developer, is notarized by Apple to be free of malware, and hasn’t been altered. If the app passes those checks, it can run on the user’s Mac. If it fails, Gatekeeper blocks it.

Recommended Videos

Achilles, however, found a way around this protection. As laid out in a recent Microsoft blog post, macOS assigns an extended attribute called com.apple.quarantine to apps downloaded using internet browsers. Among other things, this attribute tells macOS that Gatekeeper should check the file before it can be installed.

Related

Achilles blocks the assignment of this attribute. That means a malicious file will be able to run on macOS without ever triggering Gatekeeper, thereby side-stepping Apple’s built-in security protections.

Interestingly, Microsoft says macOS’s Lockdown Mode is no use in fighting Achilles because it is designed to solve a different problem. Lockdown Mode is a special high-security mode in macOS that protects individuals who are vulnerable to highly sophisticated cyberattacks — think journalists in repressive states, for example. Regardless of your Lockdown Mode status, you should update macOS to protect against Achilles.

The security flaw was originally discovered by Microsoft in July 2022, and was fixed by Apple in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 11.7.2 (Big Sur). It highlights the importance of keeping macOS up to date to ensure you have the latest security patches and fixes.

It’s not the first time Microsoft has spotted a macOS vulnerability and helped Apple fix it. In February 2022, for example, Microsoft issued a warning about a macOS trojan called UpdateAgent. Interestingly, this malware could also get around Gatekeeper. It shows that while Gatekeeper is an excellent piece of defensive software, it’s not bulletproof.

Editors’ Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
WWDC 2025 date confirmed as we wait for iOS 19, macOS 16, watchOS 12 and more
Apple WWDC 2025 logo

Apple has confirmed the date for its annual World Wide Developers Conference (WWDC 2025), where executives from the Cupertino, California-based firm will reveal the next generation of its various software platforms.

WWDC 2025 will take place between June 9 and June 13, with the keynote presentation (which Apple is teasing as a "special event") set to happen on the first day of the conference. Apple has also confirmed that this year's WWDC event will be entirely online and all developers can join for free.

Read more
macOS 16: everything you need to know
macos update everything you need to know craig federighi ventura wwdc 2023

Apple's Worldwide Developers Conference (WWDC 2025) date has been set for June 9, 2025, and the next macOS installment will be one of the main attractions. Excitement is already building for this year's installment thanks to rumors of a major design overhaul for the Mac operating system. This is everything we've heard so far about macOS 16.
When will macOS 16 launch?

In recent years, Apple has developed a neat little schedule for WWDC, announcements, and product releases. As we now know that WWDC will take place on June 9, it's highly likely that macOS 16 will be announced on that day. The keynote will introduce all of the biggest new features, updates, and products, making it the most exciting part of the conference for most of us.

Read more
Latest Apple OS land in beta, these are all the new features to try
Apple OS beta

Apple has taken the wraps off its latest operating systems for beta testing, meaning some exciting new features are available.

The new systems run across Apple devices with the arrival of iOS 18.4, macOS 15.4, watchOS 11.4, iPadOS 18.4, tvOS 18.4, and visionOS 2.4 all now available in RC.

Read more