Microsoft: Shrootless bug lets hackers install macOS rootkits October 28, 2021 https://www.bleepingcomputer.com/ne...less-bug-lets-hackers-install-macos-rootkits/ Microsoft: Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
You see, this is exactly what I mean when I say that macOS isn't as secure as people may think. This seems to be quite a severe hole which can be used to bypass built-in security, the same type of stuff that is often seen in Windows. If hackers will actually be using it to attack people or companies is a different matter.
Hello All: According to an update to CVE-2021-30892, and Security Update 2021-007 Catalina, the fix for the Microsoft discovered Shrootless SIP bypass macOS vulnerability is to update the macOS Big Sur version to 11.6.1 (20G224) or to update the macOS Monterey version to 12.0.1 (21A559), and update macOS Catalina 10.15.7 (19H1519) with Apple's Security Update 2021-007 Catalina. I am not aware of Shrootless vulnerability to, and/or fixes for MacOS Mojave 10.14.6 (18G9323), and earlier, are currently unknown. HTH
I thought it had been patched in Catalina, Big Sur and Monterey 12.01. I don't know about Mojave either. Apple are usually on the ball with these fixes but they tend to prioritise the latest releases. The recent free upgrades have the upside in that they're free, the downside is they keep breaking Photoshop lol.
