Mac曝重大安全漏洞,攻擊者可以秘密截屏
Chris Morris
2021-05-30
在macOS操作系統(tǒng)中新發(fā)現(xiàn)的漏洞可能會(huì)讓攻擊者在機(jī)主不知情的情況下截屏,、錄制視頻或訪問硬盤文件。
網(wǎng)絡(luò)安全研究公司Jamf發(fā)布的一份報(bào)告稱,,惡意軟件可以避開名為“透明許可與控制”(Transparency Consent and Control,,簡(jiǎn)稱TCC)的隱私保護(hù)功能,該功能通過控制應(yīng)用程序能夠訪問的資源,從而保護(hù)用戶隱私,。(例如,,該功能要求應(yīng)用程序經(jīng)用戶授權(quán)后才可以訪問攝像頭或麥克風(fēng)。)
去年首次發(fā)現(xiàn)的一種名為XCSSET的惡意軟件,,利用其他應(yīng)用程序獲得的權(quán)限繞過TCC隱私保護(hù)功能,,廣泛訪問受感染的Mac。
Jamf寫道:“檢測(cè)小組發(fā)現(xiàn),,惡意軟件XCSSET一旦安裝在受害者的系統(tǒng)上,,無需額外權(quán)限,即可專門被用來截取用戶桌面的屏幕截圖,?!?/p>
當(dāng)人們?cè)诩夜ぷ鞑⑹褂肕ac進(jìn)行Zoom 會(huì)議等活動(dòng)時(shí),這種問題就更加嚴(yán)重,,因?yàn)榇藭r(shí)極易受到攻擊,。比如,,Jamf指出,惡意軟件能夠連接到Zoom并錄制用戶的屏幕,,但不會(huì)給出任何提示,。
蘋果公司已經(jīng)發(fā)布了一款補(bǔ)丁軟件來阻止XCSSET利用此漏洞,,并建議人們立即為安裝macOS 11.4及以上版本的Mac下載該補(bǔ)丁軟件,。
這并非蘋果今年發(fā)生的第一起安全問題。安全專家曾經(jīng)警告稱,,4月,,AirDrop功能隱藏的漏洞可能會(huì)讓15億用戶的個(gè)人信息面臨安全風(fēng)險(xiǎn)。(財(cái)富中文網(wǎng))
翻譯:郝秀
審校:汪皓
在macOS操作系統(tǒng)中新發(fā)現(xiàn)的漏洞可能會(huì)讓攻擊者在機(jī)主不知情的情況下截屏、錄制視頻或訪問硬盤文件,。
網(wǎng)絡(luò)安全研究公司Jamf發(fā)布的一份報(bào)告稱,,惡意軟件可以避開名為“透明許可與控制”(Transparency Consent and Control,,簡(jiǎn)稱TCC)的隱私保護(hù)功能,,該功能通過控制應(yīng)用程序能夠訪問的資源,,從而保護(hù)用戶隱私,。(例如,該功能要求應(yīng)用程序經(jīng)用戶授權(quán)后才可以訪問攝像頭或麥克風(fēng),。)
去年首次發(fā)現(xiàn)的一種名為XCSSET的惡意軟件,,利用其他應(yīng)用程序獲得的權(quán)限繞過TCC隱私保護(hù)功能,廣泛訪問受感染的Mac,。
Jamf寫道:“檢測(cè)小組發(fā)現(xiàn),,惡意軟件XCSSET一旦安裝在受害者的系統(tǒng)上,,無需額外權(quán)限,,即可專門被用來截取用戶桌面的屏幕截圖?!?/p>
當(dāng)人們?cè)诩夜ぷ鞑⑹褂肕ac進(jìn)行Zoom 會(huì)議等活動(dòng)時(shí),這種問題就更加嚴(yán)重,,因?yàn)榇藭r(shí)極易受到攻擊,。比如,Jamf指出,,惡意軟件能夠連接到Zoom并錄制用戶的屏幕,但不會(huì)給出任何提示,。
蘋果公司已經(jīng)發(fā)布了一款補(bǔ)丁軟件來阻止XCSSET利用此漏洞,并建議人們立即為安裝macOS 11.4及以上版本的Mac下載該補(bǔ)丁軟件,。
這并非蘋果今年發(fā)生的第一起安全問題,。安全專家曾經(jīng)警告稱,,4月,,AirDrop功能隱藏的漏洞可能會(huì)讓15億用戶的個(gè)人信息面臨安全風(fēng)險(xiǎn)。(財(cái)富中文網(wǎng))
翻譯:郝秀
審校:汪皓
A newly discovered flaw in the macOS operating system could allow intruders to take screenshots, record video, or access files on a hard drive without the machine owner’s knowledge.
A report from cybersecurity research firm Jamf says the bypass performs an end-run around a privacy feature known as Transparency Consent and Control, which controls the resources applications have access to, as a privacy safeguard. (This is the feature that asks for a user's permission when an app wants access to the camera or microphone, for example.)
A type of malware, dubbed XCSSET, which was first discovered last year, has found a way to use permissions obtained by other apps to bypass TCC, giving it broad access to infected Macs.
“The detection team noted that once installed on the victim’s system, XCSSET was using this bypass specifically for the purpose of taking screenshots of the user’s desktop without requiring additional permissions,” Jamf wrote.
That’s especially troublesome in an environment where people are working from home and using their Macs for activities such as Zoom calls, which can be especially vulnerable. In one example Jamf illustrated, the malware was able to hook into Zoom and record the user’s screen without any sort of prompt.
Apple already has issued a patch to keep XCSSET from using this vulnerability and is encouraging anyone running macOS 11.4 or later to download it immediately.
This isn’t the first security issue for Apple this year. Security experts sounded a warning that a feature tied with AirDrop could put the personal information of 1.5 billion users at risk in April.
財(cái)富中文網(wǎng)所刊載內(nèi)容之知識(shí)產(chǎn)權(quán)為財(cái)富媒體知識(shí)產(chǎn)權(quán)有限公司及/或相關(guān)權(quán)利人專屬所有或持有。未經(jīng)許可,,禁止進(jìn)行轉(zhuǎn)載,、摘編、復(fù)制及建立鏡像等任何使用,。
