Microsoft claims it found a major macOS security bug that could put all your data at risk

A fix is already available, so make sure to patch as soon as possible

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoftsecurity researchers have uncovered a vulnerability in the macOSoperating systemthat could allow threat actors to gain access to sensitive data stored on the device.

The company detailed its findings in ablog post, which claimed the flaw bypasses the operating system’s Transparency, Consent, and Control (TCC) technology, and it was dubbed “HM Surf”.

The bug is now tracked as CVE-2024-44133. It has a severity score of 5.5 (medium), and was fixed in mid-September 2024.

What about Chrome, or Firefox?

Microsoft explained that the vulnerability removes TCC protection for theSafaribrowser directory, and allows for the modification of a configuration file in that directory. As a result, the malicious actor gains access to user data, such as browsed pages, the camera, microphone, location, and more - all without user consent.

While the bug being patched is definitely good news, there is a caveat. As explained in the article, only Safari uses the new protections afforded by the TCC, at the moment. That means other browsers, such as Chrome, or Firefox, “do not have the same private entitlements asAppleapplications,” so they can’t work around the TCC checks. In other words, once a user approves TCC checks, the app is the one maintaining access to the privacy database.

“Microsoft is currently collaborating with other major browser vendors to investigate the benefits of hardening local configuration files,” the company explained.

Apple users are encouraged to apply the security update as soon as possible, since Microsoft claims to have found a possible case of in-the-wild abuse:

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“Behavior monitoring protections inMicrosoft Defender for Endpointhas detected activity associated with Adload, a prevalent macOS threat family, potentially exploiting this vulnerability,” it concluded.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Rising AI threats are making firms turn back to human intelligence

Thousands of employees could be falling victim to obvious phishing scams every month

Warhammer 40,000: Darktide is coming to PS5 with PS5 Pro support at launch