Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This critical macOS flaw may leave your Mac defenseless

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

A close-up of a MacBook illuminated under neon lights.
Image used with permission by copyright holder

In simple terms, Achilles works by bypassing macOS’s Gatekeeper feature. Whenever a user downloads a Mac app, plugin, or installer that is not from Apple’s App Store, Gatekeeper checks that it is from a verified developer, is notarized by Apple to be free of malware, and hasn’t been altered. If the app passes those checks, it can run on the user’s Mac. If it fails, Gatekeeper blocks it.

Achilles, however, found a way around this protection. As laid out in a recent Microsoft blog post, macOS assigns an extended attribute called com.apple.quarantine to apps downloaded using internet browsers. Among other things, this attribute tells macOS that Gatekeeper should check the file before it can be installed.

Achilles blocks the assignment of this attribute. That means a malicious file will be able to run on macOS without ever triggering Gatekeeper, thereby side-stepping Apple’s built-in security protections.

Interestingly, Microsoft says macOS’s Lockdown Mode is no use in fighting Achilles because it is designed to solve a different problem. Lockdown Mode is a special high-security mode in macOS that protects individuals who are vulnerable to highly sophisticated cyberattacks — think journalists in repressive states, for example. Regardless of your Lockdown Mode status, you should update macOS to protect against Achilles.

The security flaw was originally discovered by Microsoft in July 2022, and was fixed by Apple in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 11.7.2 (Big Sur). It highlights the importance of keeping macOS up to date to ensure you have the latest security patches and fixes.

It’s not the first time Microsoft has spotted a macOS vulnerability and helped Apple fix it. In February 2022, for example, Microsoft issued a warning about a macOS trojan called UpdateAgent. Interestingly, this malware could also get around Gatekeeper. It shows that while Gatekeeper is an excellent piece of defensive software, it’s not bulletproof.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Stop using these default Mac apps — trust me
A person using a MacBook Air connected to two monitors.

Apple makes a huge variety of its own Mac apps, and some of them are among the best Mac apps you can get. The problem is that while many of them are pretty excellent, that’s not the case for every last one -- some are middling while others are worth avoiding altogether.

Whatever the case, you might be looking for an alternative to Apple’s built-in Mac apps. Here, we’ve catalogued the apps we think you should replace first, and suggested which third-party apps you should swap them out for. That should bring you more features and an all-around better Mac experience.
Calculator (use PCalc instead)
The PCalc app in macOS Sonoma Digital Trends

Read more
Here are 5 macOS 15 features that I can’t wait to see
Apple CEO Tim Cook walks off stage after speaking during the Apple Worldwide Developers Conference.

Apple’s Worldwide Developers Conference (WWDC) is less than a month away, meaning it’ won't be long before we find out exactly what sort of updates are coming to macOS 15. It’s always an exciting time for Mac users, as we get to find out what Apple is doing to tune up its operating systems and improve the Mac experience for all of us.

By this stage, we’ve already seen a bunch of intriguing leaks hinting at what’s coming in macOS 15. There are a few things I really want Apple to fix, as well as plenty of cool features heading our way if the rumors prove to be correct.

Read more
The 6 key things Apple must fix in the next version of macOS
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

I use macOS every day, and there’s no doubt that I love it as an operating system. Yet, despite how full of genuinely brilliant features it is, there are still a handful of things I just wish it did better.

Luckily, Apple’s Worldwide Developers Conference (WWDC) is just a month away, which means there’s not long until we see what kind of software improvements Apple has in store for us. I’ve been thinking hard about what kind of changes I’d like to see happen, from Siri to Stage Manager and everything in-between. Here are the key areas I think Apple needs to fix in macOS 15.
Hey Siri, meet AI
Even when I ask Siri for the WWDC date, it can't give me a straight answer. Digital Trends

Read more