Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Update your Mac now to fix vulnerability that gives full access to spying apps

Microsoft is warning Mac users to update to the latest version of MacOS Monterey after it found a vulnerability in Apple’s Transparency, Consent, and Control (TCC) feature.

Exploiting this vulnerability could allow malicious actors to spoof the TCC and plant malware or hijack another app on the computer.

macOS Monterey powerdir vulnerability screenshot.
Image used with permission by copyright holder

Introduced in 2012 with MacOS Mountain Lion, TCC is designed to help control an app’s access to things such as the camera, microphone, and data. When an app requests access to protected data, the request is compared to existing stored records in a special database. If the records exist, then the app is denied or approved access based on a flag that denotes the level of access.

Recommended Videos

Otherwise, a prompt is shown to the user to explicitly grant or deny access. Once the user responds, that request is stored in the database and future requests will follow the user’s previous input.

According to Microsoft, the “powerdir” vulnerability, also known as CVE-2021-30970, was actually exploited two times by their security researchers. The first “proof of concept” exploit basically planted a fake TCC database file and changed the user’s home directory.

By doing this, Microsoft was able to change the settings on any application or enable access to the microphone or camera. Microsoft was even cheekily able to give Teams mic and camera access. Microsoft reported these initial findings to Apple in July 2021, though the exploit apparently still worked, despite Apple fixing a similar exploit demonstrated at Black Hat 2021.

The second proof of concept exploit came about because a change in MacOS Monterey’s dsimport tool broke the first exploit. This new exploit allows an attacker to use code injection to change binary called /usr/libexec/configd. This binary is responsible for making system level configuration changes, including access to the TCC database. This allowed Microsoft to silently change the home directory and execute the same kind of attack as the first exploit.

Fortunately, Microsoft again notified Apple of the vulnerability, and it was patched last month. Microsoft is urging macOS users to ensure that their version of MacOS Monterey is updated with the latest patch. The company also took time to promote its own Defender for Endpoint enterprise security solution, which was able to prevent those exploits even before Apple patched them.

There have been previous TCC exploits, including one that utilizes Apple’s built in Time Machine utility, that have since been patched as well. It’s always highly advised to keep all of your devices updated with the latest patches to prevent possible exploits like this. Feel free to read the details of Microsoft’s TCC exploits on their security blog post.

David Matthews
David is a freelance journalist based just outside of Washington D.C. specializing in consumer technology and gaming. He has…
The new macOS update includes a battery boost for Safari
Laptop showing the macos 15.5 update.

The macOS 15.5 update is here, and it's overall pretty light on features. However, the Safari 18.5 update bundled with it does include a new developer feature that will save battery life for users. "Declarative Web Push" is a more efficient approach to web notifications that will drain less battery every time you get a notification on Safari.

The feature already came to iOS and iPadOS in the last update, allowing developers to swap their notification implementations to the simpler JSON format. Just for fun, here's what it looks like:

Read more
I tried a $5 scratchpad app for the Mac. I’ll never go back to Apple Notes
Summoning a scratchpad in the Antinote app for macOS.

I have missed more transitory ideas than I can count while absorbed in work. Or missed deadlines. Or forgot minor chores. On a few occasions, I was just too lazy to reach out for my iPhone, open a to-do app, create a new page, and type in. You feel the flow here, right?

On other occasions, I just lost my train of thought mid-way through it all. Often, an app just doesn’t have the functions I need for that fleeting, low-stakes note-taking job. Then there’s the load of “yet another app” taking up precious screen space. 

Read more
Apple could soon fix Wi-Fi access woes across all your devices
Setting up Wi-Fi on an iPhone.

One of the biggest hassles while traveling is the hunt for a decent internet connection, and then getting it to work across all your devices. The conundrum is now mainstream across hotels, lodges, and coffee shops — essentially all the establishments a person is supposed to spend a few hours of their day, but needs to fill a web form first before they can get internet access.

Apple will soon put an end to those Wi-Fi registration struggles. According to Bloomberg, the company is working on “a system that can synchronize captive Wi-Fi access details across the iPhone, iPad and Mac.”

Read more