Last Updated on 31/01/2022 by Nidhi Khandelwal
Last year, Apple patched a fresh set of macOS vulnerabilities that may have allowed malicious actors to gain access to users’ online accounts, microphones, and webcams.
Ryan Pickren, a security researcher who identified and reported the defects to Apple, was awarded a bug bounty of $100,500, emphasizing the seriousness of the problems.
The attacker can hijack the multimedia permission and acquire “complete access to any website ever visited by the victim” in Safari by leveraging a series of security flaws in iCloud Sharing and Safari 15, including Gmail, iCloud, Facebook, and PayPal accounts.
ShareBear, an iCloud file-sharing mechanism that prompts users when they try to open a shared document for the first time, is the source of the problems. Pickren discovered that anyone with access to the file can change the file’s content to whatever by taking advantage of the fact that users are never shown the prompt again once they accept to open the file.
Pickren noted in a technical write-up that “ShareBear would then download and update the file on the victim’s workstation without any user involvement or notification.” “In other words, the victim has given the attacker authority to install a polymorphic file on their machine and launch it remotely at any time.”
Pickren has now revealed holes in iOS and macOS that, if successfully exploited, may be used to gain unauthorised access to the camera by visiting a specially built website.
Pickren remarked, “This study was an intriguing exploration of how a design problem in one application might enable a number of other, unrelated flaws to become more harmful.” “It was also an excellent demonstration of how an attacker can cause a lot of havoc even with macOS Gatekeeper enabled by deceiving approved apps into doing nefarious things.”