{"id":13729,"date":"2018-09-24T16:21:00","date_gmt":"2018-09-24T16:21:00","guid":{"rendered":"http:\/\/2a763b51-dbc4-4783-ab78-1e0ed9eaea6e"},"modified":"2018-09-24T16:21:00","modified_gmt":"2018-09-24T16:21:00","slug":"apple-macos-mojave-zero-day-privacy-bypass-vulnerability-revealed","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/apple-macos-mojave-zero-day-privacy-bypass-vulnerability-revealed\/","title":{"rendered":"Apple MacOS Mojave zero-day privacy bypass vulnerability revealed"},"content":{"rendered":"

A zero-day vulnerability in Apple Mojave has been disclosed on the day the latest version of the MacOS operating system leaves beta and becomes available to members of the public.<\/p>\n

The co-founder of Digita Security and creator of Objective-See<\/a> Mac security tools Patrick Wardle revealed the security holes on Monday.<\/p>\n

Tech Pro Research: macOS Mojave: A guide for IT leaders<\/a><\/strong><\/p>\n

On Monday, Wardle said on Twitter<\/a>, “Mojave’s ‘dark mode’ is gorgeous…but its promises about improved privacy protections? kinda #FakeNews.”<\/p>\n

\"screen-shot-2018-09-24-at-16-42-03.png\"<\/span><\/p>\n

A minute-long video uploaded to Vimeo<\/a> shows the vulnerability in action.<\/p>\n

The clip shows how an app can be used to compromise the Mac operating system, bypassing privacy controls and permitting access to a user’s address book.<\/p>\n

This information, containing contacts for demo purposes, was then copied to the machine’s desktop.<\/p>\n