The security researcher who identified a serious flaw in Apple’s Gatekeeper reports that the vulnerability remains despite two security patches applied by the company. Each, he says, only blocks the specific apps he used to demonstrate the method.
Gatekeeper in theory allows users to ensure that their Mac will only run apps downloaded from the Mac App Store – or alternatively, signed by a known developer if you opt for a lower level of protection. But Patrick Wardle last September found a major vulnerability in this protection which would allow any malicious app to be run no matter what Gatekeeper setting was chosen.
Wardle informed Apple, which issued a security patch in response, but Wardle has now reverse-engineered the patch and found that it provides only extremely limited protection …
Engadget reports that Apple simply blocked the specific apps Wardle had used as proof of concept. He was able to work around this by using a new set of apps, and Apple again responded only by blocking those specific apps.
The only way to protect against the vulnerability for now is to ensure that a Mac has only ever downloaded apps from the Mac App Store or from trusted developers that provide downloads over an https link.
Filed under: Mac Tagged: Apple Inc, el capitan, Gatekeeper, Gatekeeper flaw, Gatekeeper vulnerability, Mac App Store, OS X
For more news on Mac, Apple Inc, and OS X continue reading at 9to5Mac.
What do you think? Discuss “PSA: Apple hasn’t fixed the Gatekeeper vulnerability, only blocked specific apps using it” with our community.
Recent Comments