Skip to main content

Critical MacOS Mojave vulnerability bypasses system security

macOS Mojave desktop
macOS Mojave is Apple’s latest operating system. Image used with permission by copyright holder

With the launch of a new version of macOS from Apple typically comes a culmination of new features, better performance, and enhanced security. Unfortunately, the previous statement might not necessarily be true as security researcher Patrick Wardle, co-founder of Digita Security, has discovered that MacOS Mojave includes a severe security flaw; the bug is currently present on all machines running the latest version of macOS and allows unauthorized access to a users’ private data.

Recommended Videos

Wardle announced his discovery on Twitter, showcasing that he could easily bypass macOS Mojave’s built-in privacy protections. Due to the flaw, an unauthorized application could circumvent the system’s security and gain access to potentially sensitive information. With the Twitter post, Wardle also included a one-minute Vimeo video showing the hack in progress.

The short video begins with Wardle attempting to access a user’s protected address book and receiving a message that states the operation is not permitted. After accessing and running his bypass program, breakMojave, Wardle is then able to locate the user’s address book, circumvent the machine’s privacy access controls, and copy the address book’s contents to his desktop — no permissions needed.

[0day] Bypassing Mojave's Privacy Protections

Wardle is an experienced security researcher who has worked at NASA and the National Security Agency in his past; he notes that one of his current passions is finding MacOS security flaws before others have the chance. While it is unlikely Wardle will release the app as a malicious tool, he does want to spread knowledge of its existence so that Apple addresses the issue in a timely fashion.

As usual for such a discovery, Apple has yet to comment on the vulnerability, so our eyes will be tied to future OS updates, looking for a bug fix. As MacOS Mojave was only officially launched September 24, the finding is indeed considered a ‘day-zero’ vulnerability, and we hope that Apple will jump to address the problem as soon as possible.

For fellow security researchers who want to know more details about the attack, Wardle will be speaking about the bug at the upcoming Mac security conference ‘Objective by the Sea,’ hosted in Hawaii in November. For the rest of us, we are in Apple’s hands until the security vulnerability is patched.

Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
Apple needs to fix the basics for macOS 26, or let AI run the show
Background apps on M4 MacBook Air.

The Mac apps community is a wonderful place to find utilities that can supercharge your computing experience. Alfred, Raycast, AlDente, and Rectangle are some of the most highly recommended apps for macOS users these days. The open-source community has also produced a few utilities (and their forks) that I use on a daily basis. 

If you read between the lines, you'll notice that these apps fill a functional gap that Apple has yet to offer natively. On the other side of the computing ecosystem, Windows has served those perks for years. Will the next big software upgrade, macOS 26, finally give users an in-house fix? We’ll only get the answer at WWDC 2025 in just over a week from now. 

Read more
How to keep your Apple devices safe from AirPlay attacks
Apple AirPlay streaming to another device.

Apple’s approach to building new features has always been rooted in safety and seamless convenience. Take, for example, AirPlay, a wireless standard created by the company that allows users to stream audio and video from one device to another.

AirPlay works not just across Apple devices, but also on TVs and speakers cleared by the company to offer the wireless streaming facility. That also makes it a ripe target for attacks, and it seems there are, in fact, vulnerabilities in the wireless lanes that could allow bad actors to seed malware and infect more connected devices. 

Read more
Every macOS version in order: from the first public beta to macOS 15
Apple MacBook Air 15 M4 front angled view showing display and keyboard.

Apple’s macOS operating system has changed a lot over the last 25 years, with new features and designs coming and going as the decades have passed. Even the name has been adjusted, starting out as Mac OS X before shortening to OS X and eventually settling on macOS. The world the original version inhabited back in 2000 is very different to today.

Including the initial public beta, Apple has released 22 versions of the Mac operating system so far, with new launches becoming an annual occurrence. But it wasn’t always this way, and there have been some fascinating updates and developments in the time since the first version appeared. Let’s see how macOS has changed over the years.

Read more