Unfortunately, such a solution does not offer fool-proof security – Wardle has simply found a new Apple trusted file that was not on the blacklist, and which allowed him to reprise the attack. Until they come up with a permanent fix, which will require a redesign of OS X, Apple has temporarily blocked this attack avenue by creating a (short) blacklist of files that Wardle reported could be repackaged to trip up the Gatekeeper and introduce malware on Macs. Do you remember when, last October, Synack director of research Patrick Wardle found a simple way to evade OS X’s Gatekeeper defense mechanism by bundling up a legitimate Apple-signed app with a malicious, unsigned one placed in the same directory, and wrapping it all up in an Apple disk image file?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |