Here at Macworld, we advise users to update their operating systems as soon as possible after Apple releases an update. A recent report by Thijs Alkemade, a security researcher at cybersecurity firm Computest, reminds us of reason number one: updates often contain critical security patches.
According to Wired, a vulnerability has been discovered in macOS Save State, the feature that automatically reopens the apps and files you had open when you reboot your Mac. Alkemade, who discovered the hole in December 2020, was able to successfully launch a process injection attack against the Mac’s saved state. He was then able to bypass several other Mac security features and access user files, change system settings, and use the webcam. Wired has stated that there is no evidence that this bug has been used in the real world.
Filed as CVE-2021-30873 in the National Vulnerability Database, the bug was fixed in the macOS Monterey 12.0.1 update released on October 25, 2021. For macOS Catalina, the support document states that Security Update 2021-007, released on October 24, 2021, contains a fix for the same vulnerability. There doesn’t seem to be a patch for Big Sur. Versions of macOS older than Catalina (version 10.14.6 Mojave and older) are considered unsupported or obsolete by Apple. A similar flaw has also been fixed in iOS 14.5 and iPadOS 14.5.
A blog post on the Computest website explains the attack in detail and also shows how a fix can be seen using Xcode, Apple’s integrated development environment (IDE) application for writing software. It’s all very technical, but you don’t need to be an engineer to understand this warning: “With the SIP filesystem freed, we can read all files from secure locations, such as a user’s Mail.app mailbox,” writes Alkemade. “We can also change the TCC database, which means we can give ourselves permission to access the webcam, microphone, etc.”
Alkemade also presented his findings at the Black Hat 2022 conference last week, and slides of his presentation are available online. Security researchers often disclose their findings after they have reported them to the relevant companies and the vulnerabilities have been patched.
How to update macOS
Updates for macOS are free. An internet connection is required and your Mac needs to be restarted. Allow about 30 minutes for installation. Here are the steps to install:
- Go to “System Preferences” in the Apple menu.
- Click “Software Update.”
- Your Mac will check whether any updates are available. If one is, an Install button will appear. Click it and your Mac will start downloading the update. After that, the installation will begin.