Details can be found in the latest Mac Platform Security Content update. The out-of-band release of macOS Big Sur 11.5.1 should be treated as urgent:
“Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited … A memory corruption issue has been addressed with improved memory management.”
It should be noted that alongside macOS Big Sur, Apple rushed one-off updates for iOS and iPadOS. Following the release of the update, a number of security researchers have identified the vulnerability that was fixed. Reported as CVE-2021-30807, it could allow arbitrary code to run on an Apple device with kernel privileges, with the potential to take over your Mac.
One of these researchers, Saar Amar, has published an in-depth review of the exploit.
Apple’s platform security has come under intense scrutiny this year, and particularly last month. The capabilities of NSO Group’s “Pegasus” software to crack macOS, iOS and iPadOS platforms have been the subject of much discussion in the media.
There is currently no indication that the exploit fixed in 11.5.1 is part of this package. Objective-See founder Patrick Wardle, speaking to The Guardian’s Stephanie Kirchgaessner and Alex Hern, notes that Apple’s closed nature contrasts sharply with that of other big companies and can be detrimental in the long run:
“[If you] talk to any external security researcher, they probably won’t have a lot of good things to say about Apple. Whereas if you talk to security researchers in dealing with, say, Microsoft, they’ve said, ‘We’re going to put our egos aside and we will ultimately realize that security researchers are reporting vulnerabilities that ultimately profit our users, because we are able to correct them.’ I don’t think Apple has the same mindset.”
This is not a new approach from Apple, but the limitations of the approach are becoming more apparent this year. Still, for macOS users around the world, quickly applying Apple’s update to your operating system is highly recommended.