Own a Mac? Your computer is open to a new flaw with no known fix


Apple devices are renowned for their resistance to viruses, spyware and malware. Much of this claim comes from Apple itself, though the company isn’t as vocal about it anymore.

The thing is that Apple hardware, like your Mac computer, can be infected. But it’s a less common occurrence when compared to PCs. Tap or click here to learn the truth behind the claims.

Updating your devices is important, but hackers are always working to get around safeguards. A new flaw was discovered by security researchers that affect Macs running macOS all the way up to the latest version.

The exploit

Security researchers at the SSD Secure Disclosure program reported a vulnerability that lets hackers run commands on Macs running Big Sur and prior versions of macOS. It was brought to the firm’s attention by independent researcher Park Minchan.

A vulnerability in macOS Finder allows files with a certain extension, inetloc, to execute commands. These files are being embedded in emails that are activated when a user clicks on them. The commands will run without the user’s knowledge.

This is a zero-day exploit, in that it was discovered before Apple knew about it. The Cupertino company has taken steps to fix it, but apparently did not do enough.

Apple patched the vulnerability when using the prefix file:// but not when a simple case change, such as FiLe:// is made. SSD Secure Disclosure reported the issue to Apple and has yet to receive a response.

How to protect your Mac

You can take some steps to reduce the chances of an attack on your computer. These precautions generally work for PCs, smartphones and tablets as well, but we’ll focus on Macs for this report.

  • Don’t click links or download attachements found in unsolicited emails. They could be malicious and infect your device with malware.
  • Keep your Mac updated to get the latest fixes and patches. Click the Apple icon in the upper-left corner of your screen and select System Preferences from the drop-down menu. Click Software Update and if one is available, click Update…

Source…