gatekeeper

The security researcher who identified a serious flaw in Apple’s Gatekeeper reports that the vulnerability remains despite two security patches applied by the company. Each, he says, only blocks the specific apps he used to demonstrate the method.

Gatekeeper in theory allows users to ensure that their Mac will only run apps downloaded from the Mac App Store – or alternatively, signed by a known developer if you opt for a lower level of protection. But Patrick Wardle last September found a major vulnerability in this protection which would allow any malicious app to be run no matter what Gatekeeper setting was chosen.

Wardle informed Apple, which issued a security patch in response, but Wardle has now reverse-engineered the patch and found that it provides only extremely limited protection …

Engadget reports that Apple simply blocked the specific apps Wardle had used as proof of concept. He was able to work around this by using a new set of apps, and Apple again responded only by blocking those specific apps. The Apple team has, however, assured him that it is working on a more comprehensive fix.

The only way to protect against the vulnerability for now is to ensure that a Mac has only ever downloaded apps from the Mac App Store or from trusted developers that provide downloads over an https link.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy's favorite gear