Another vulnerability has been found in the latest version of macOS Mojave. The flaw in the operating system has detected a security specialist Jeff Johnson. According to the researcher, the problem lies in the brand’s Safari browser, to be precise in the application directory, where is stored the cache, browsing history and other temporary files.
As you know, access to system folders in macOS Mojave is quite limited. This is done in order to ensure maximum stability and security of the operating system.
You will not be able to display a list of the contents of these folders even with “Terminal,” says the security expert.
But the researcher discovered a bug that bypasses the verification mechanism, and allows malicious apps to gain unauthorized access to system folders. Specifically, in this case, the vulnerability affects the files in the Safari browser. The expert notes that in this way the attackers can steal browser history, bookmarks and other sensitive information. Accounts and passwords are not affected — they are stored in encrypted form.
This bug appeared with the release of macOS Mojave and is present on all versions of the system. The developer did not go into the details of the bug and open the way to bypass. According to him, Apple is already aware of this issue and will be fixed in the next major update macOS Mojave 10.14.4. Recall that the release of this update is planned for March of this year.
We offer you to subscribe to our channel in “Yandex.Zen”. There you can find the exclusive materials that are not on the website.