A new Zero Day vulnerability in macOS has been discovered. The flaw impacts all macOS versions up to the latest release Big Sur. The bug was found by Park Minchan an independent security researcher and is tied to the way that macOS processes inteloc files. The processing methodology allows an attacker to embed malicious commands which the system will execute without any warnings or prompts visible to the user of the targeted machine.
Interloc is short for "internet location files" and have the extension "*.interloc"
A recently published SSD Secure Disclosure advisory had this to say about the newly discovered flaw:
"A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands. These files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user."
In this particular instance Apple botched the fix quietly patching the issue without assigning it a CVE identification number.
Unfortunately the fix was only partial and at present the bug can still be exploited in some instances as described below:
"Newer versions of macOS (from Big Sur) have blocked the file:// prefix (in the com.apple.generic-internet-location) however they did a case matching causing File:// or fIle:// to bypass the check. We have notified Apple that FiLe:// (just mangling the value) doesn't appear to be blocked, but have not received any response from them since the report has been made. As far as we know, at the moment, the vulnerability has not been patched."
Park Minchan developed a proof of concept that demonstrates how the bug could be exploited but to date no threat actors have been discovered exploiting the flaw in the wild. It is just a matter of time however. A flaw like this represents a serious weakness in the security of the OS.
Be aware that the easiest way to exploit the bug is via malicious links embedded in emails so make sure your employees are aware of the risks.
_____________________________________________________________________________________________
STOP OVERPAYING for CABLE and Netflix!
TeQ I.Q. Service works on "Apple, Android, Roku, Amazon, Computers, and more"
"We Now have TeQ I.Q. VOD+(Video On Demand) The Best VOD Service!
"If you have Netflix or any other VOD Service you should switch to TeQ I.Q. VOD+ Service"
It is better than Netflix with 5 Connections and 4K and 3D included. Better than all other VOD services with Over 30,000 Movies, including New In Theatre Movies, Over 10,000 TV Series and growing. TeQ I.Q. VOD+ adds Movies and TV Series on Request.
Check out our TeQ I.Q. Services at https://www.teqiq.com/tv
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
