Apple takes the security of its phones, computers, and tablets seriously, but one researcher says that there’s one known flaw that it hasn’t yet gotten around to fixing.
That security flaw affects Macs around the globe and relates to vulnerabilities in Apple’s macOS Background Task Management system, a feature that is supposed to warn people if an app tries to become persistent, ensuring that it can run without the user’s knowledge.
However, one researcher says that while the Background Task Management system is well-intentioned, “the implementation was done so poorly that any malware that’s somewhat sophisticated can trivially bypass the monitoring,” Apple would no doubt agree that the best Mac is a secure one, making this claim particularly worrisome.
Deeper issues left unfixed
Wired reports that security researcher Patrick Wardle shared details about his findings at the Defcon hacker conference in Las Vegas. In fact, Wardle didn’t just find one issue. There were a few.
“When Background Task Manager first debuted, Wardle discovered some more basic issues with the tool that caused persistence event notifications to fail,” Wired reports. “He reported them to Apple, and the company fixed the error. But the company didn’t identify deeper issues with the tool.”
Wardle went on to say that Apple “didn’t realize that the feature needed a lot of work.” As a result, there are still some problems for it to deal with — including ways for apps to disable persistence notifications generated by Background Task Manager without the need for elevated privileges.
“One of these exploits takes advantage of a bug in how the alerting system communicates with the core of a computer’s operating system known as the kernel,” Wired explains. “The other capitalizes on a capability that allows users, even those without deep system privileges, to put processes to sleep. Wardle found that this capability can be manipulated to disrupt persistence notifications before they can get to the user.”
Wardle says that the only reason that these bugs have been shared at Defcon is that it already told Apple about the flaws, but they haven’t been fixed yet.
It isn’t clear if the upcoming macOS Sonoma update will address the security issues Wardle mentions, however.