DirtyNIB

CarderPlanet

CarderPlanet

Professional
Messages
2,552
Reaction score
675
Points
83
Researcher Adam Chester discovered a vulnerability that allows malicious processes to intercept the rights of macOS applications.

Chester named ee DirtyNIB because the exploit relies on replacing NIB files inside application packages without violating application rights and Gatekeeper verification.

Chester is a smart guy, it's not the first time he's been looking for ways to inject code into the macOS Monterey binaries, and he was once able to identify a vulnerability that allowed the rights to Apple applications to be seized.

The epic situation is added by the fact that the researcher decided to return to this vulnerability after a long attempt by Apple to fix it, and was surprised to see that it still works.

There are some caveats presented with later versions of macOS, which the specialist described in his blog. But in the latter case, the vulnerability is located in macOS Sonoma, has existed for a long time and remains 0-day, to this day.

This suggests that either the Apple developers are just assholes, or they are assholes in the service of His Majesty.
 
You must log in or register to reply here.

Similar threads

Man
macOS Armor Breached: Sandbox No Longer Protects Your Data
Replies
0
Views
73
Man
Man
Man
Emergency Update: Apple Protects macOS from 0Day Attacks
Replies
0
Views
133
Man
Man
CarderPlanet
Mac users, stay alert: Researchers have found a new threat
Replies
0
Views
168
CarderPlanet
CarderPlanet
Man
Researcher Who Helped Apple Find Wi-Fi Vulnerability Arrested for Fraud
Replies
0
Views
130
Man
Man
chushpan
🧊 Google to Pay Out $12 Million in Bug Bounties in 2024
Replies
0
Views
133
chushpan
chushpan
Back
Top