> There’s one caveat: The hackers have to convince a user to download or run an app that’s not in the App Store or allowed by Apple. But once that’s done, the malware won’t be stopped by any of the Mac’s defensive tools. For anyone still running an unpatched macOS, Wardle’s advice was simple: “Don’t open anything from anybody.”
This... doesn't sound that bad. It's still the state of affairs on other OSes, right? Don't run random executables from the internet
The app did bypass Gatekeeper, so there was a legitimately serious vulnerability here. I have Gatekeeper turned off on my own machines, but if it's turned on it should be expected to work.
It's not so bad, but tbh I would trust running some random executable more on Mac more than I would Windows, so some people might be conditioned by how safe Macs generally are.
Personally I try to install most via Brew which from my understanding could be a easy access point for an app containing malware; does anyone know if this is the case; and if it is, isn’t there some type of auditing that can increase the integrity of the packages?
> An Apple spokesperson said the company has now addressed the issue in macOS 11.3 and updated XProtect, its malware detection, to block the malware using this technique. That XProtect update will happen automatically and retroactively apply to older versions of macOS.
So... does that mean there's no rush to update the OS, because XProtect will protect you?
9 comments
[ 3.0 ms ] story [ 36.1 ms ] threadThis... doesn't sound that bad. It's still the state of affairs on other OSes, right? Don't run random executables from the internet
So... does that mean there's no rush to update the OS, because XProtect will protect you?