Jump to content
  • Sign Up
×
×
  • Create New...
New feature: 1 Vote = 0.10€ for server Owner!

macOS ‘Migraine’ Exploit Capable of Bypassing System Integrity Protection Detected by Microsoft

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted



macOS ‘Migraine’ Exploit Capable of Bypassing System Integrity Protection Detected by
This is the hidden content, please

This is the hidden content, please
recently detected a security exploit that could allow attackers to bypass a core security feature on computers running on macOS. Dubbed “Migraine”, the vulnerability can be used to sidestep Apple’s System Integrity Protection (SIP) on macOS — a feature that protects parts of the operating system related to system integrity by restricting access to certain files — and install malware on a victim’s computer.
This is the hidden content, please
warned Apple about the security flaw and the Cupertino company has patched the flaw with its latest security update.

According to details shared by

This is the hidden content, please
in a
This is the hidden content, please
, the “Migraine” security exploit relies on Migration Assistant, a tool provided by Apple to allow users to transfer files from one Mac to another or from a Windows PC to a Mac. The Migration Assistant app from Apple has unrestricted root access that allows it to perform its data transfer function, and security researchers at
This is the hidden content, please
leveraged the special ‘entitlement’ given to the tool, for the exploit.

After modifying the Migration Assistant to run without logging off a user,

This is the hidden content, please
was able to run the tool in debug mode to bypass a signature check. The company used a 1GB Time Machine backup with malicious software, using a script to cause Migration Assistant to import the backup and infect the host system. The entire process bypassed the System Integrity Protection feature that was first introduced on macOS in 2015.

This is the hidden content, please
’s modified Migration Assistant can function without signing out
Photo Credit:
This is the hidden content, please

 

It is worth noting that the Migration Assistant is typically available during user setup, which means that an attacker would need to have local access to a machine.

This is the hidden content, please
says that the arbitrary system bypasses like Migraine could create files that are protected by SIP, the same mechanism that it bypasses, making deletion very difficult. Attackers can also run arbitrary kernel code and tamper with the system to enable rootkits.
This is the hidden content, please
adds that these exploits can also be used to gain access to private data as well as computer accessories and devices.

Users who have updated their computers to macOS 13.4 after it was rolled out on May 18 should be safe from the exploit, which has been patched by Apple.

This is the hidden content, please
disclosed the security flaw to Apple, allowing the firm to roll out a fix for the issue. Meanwhile, the company has
This is the hidden content, please
This is the hidden content, please
’s Jonathan Bar Or, Anurag Bohra, and Michael Pearse for identifying the exploit.

This is the hidden content, please
I/O 2023 saw the search giant repeatedly tell us that it cares about AI, alongside the launch of its first foldable phone and Pixel-branded tablet. This year, the company is going to supercharge its apps, services, and Android operating system with AI technology. We discuss this and more on Orbital, the Gadgets 360 podcast. Orbital is available on
This is the hidden content, please
,
This is the hidden content, please
,
This is the hidden content, please
,
This is the hidden content, please
,
This is the hidden content, please
,
This is the hidden content, please
and wherever you get your podcasts.
Affiliate links may be automatically generated – see our ethics statement for details.





This is the hidden content, please

macos migraine security flaw bypass apple system integrity protection

This is the hidden content, please
macos,security flaws,
This is the hidden content, please
,apple,migraine
#macOS #Migraine #Exploit #Capable #Bypassing #System #Integrity #Protection #Detected #
This is the hidden content, please

This is the hidden content, please

0

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept