Blog

Zero Day Bug Found In MacOS

Oct 9, 2021 | Blog

A new Zero Day vulnerability in macOS has been discovered. The flaw impacts all macOS versions up to the latest release Big Sur. The bug was found by Park Minchan an independent security researcher and is tied to the way that macOS processes inteloc files. The processing methodology allows an attacker to embed malicious commands which the system will execute without any warnings or prompts visible to the user of the targeted machine.

Interloc is short for “internet location files” and have the extension “*.interloc”

A recently published SSD Secure Disclosure advisory had this to say about the newly discovered flaw:

“A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands. These files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user.”

In this particular instance Apple botched the fix quietly patching the issue without assigning it a CVE identification number.

Unfortunately the fix was only partial and at present the bug can still be exploited in some instances as described below:

“Newer versions of macOS (from Big Sur) have blocked the file:// prefix (in the com.apple.generic-internet-location) however they did a case matching causing File:// or fIle:// to bypass the check. We have notified Apple that FiLe:// (just mangling the value) doesn’t appear to be blocked, but have not received any response from them since the report has been made. As far as we know, at the moment, the vulnerability has not been patched.”

Park Minchan developed a proof of concept that demonstrates how the bug could be exploited but to date no threat actors have been discovered exploiting the flaw in the wild. It is just a matter of time however. A flaw like this represents a serious weakness in the security of the OS.

Be aware that the easiest way to exploit the bug is via malicious links embedded in emails so make sure your employees are aware of the risks.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech