Patch does not work: Mac platform security vulnerabilities still exist

Patch does not work: Mac platform security vulnerabilities still exist

Synack, a security research organization, revealed in a report in May that the keeper in the Mac platform has a serious system vulnerability that they can exploit to bypass the keeper, then let the Mac device open the infected software. Specifically, the Keeper does not pay attention to the subsequent actions of the software after it passes the review of specific software. After Apple saw the Synack report, it updated the system on July 15, November and July 15, December respectively. However, neither of the two updates seems to have fixed the Keeper vulnerability. Now Synack has confirmed this. That is to say, after nearly four months, the Mac platform's security vulnerability issue remains unresolved.

Patrick Wardle, a senior researcher at Synack, told the media that it only takes five minutes to bypass keeper and infect Mac devices. The researcher also said they have released a tool that can prevent Mac device infections to a certain extent, but the final solution should be completed by Apple. An Apple spokesman has responded to the issue and will further improve the security of the Keeper.

Keeper is a new security detection function that Apple adds to OS X Mountain Lion. It can effectively help Mac users guard their machines to prevent malicious software from entering. Keeper can be used not only as an application diagnostics for Mac App Store, but also as a developer identification. If developers release their applications outside the Mac App Store, they can register on the Apple developer page and then receive the officially issued certificate from Apple.

This article permanently updates the link address: