Computer users operating on the Mac OS X platform are safer from harm compared to their Windows-using counterparts. With a much smaller market share, hackers are not targeting OS X users as often as they could, although that doesn’t mean the platform is completely secure. Security tool Gatekeeper is still vulnerable, despite a recent patch released by Apple. Bitcoin users are advised to remain careful when installing new applications until this security flaw has been patched properly.
Apple Fails To Make Gatekeeper Secure Again
It is not the first time OS X’s Gatekeeper is coming under fire from security experts. At one point in 2015, researchers had discovered a major vulnerability in this security protocol that puts all Mac users at risk. This tool is designed to check the certification of every executable file during an installation.
However, Gatekeeper in its pre-patch form was not doing an adequate job, as the software only checked the certification validity of the first executable. As a result, hackers could easily bypass this security protocol by infecting a legitimate install file with other tools being executed once the certification check had passed.
Keeping in mind Gatekeeper was created to prevent these things from happening, Apple was scrambling to release a security patch to fix the problem. Even though that patch has been released, the protocol is still not as secure as it should be. Assailants can still execute arbitrary code as part of improper certification checks, which is a cause of great concern.
Although it is not confirmed, one security researcher feels how Apple has attempted to fix the issue by blacklisting priority executables based on a list provided by himself. However, if this were to be the case, the vulnerability itself is still present in Gatekeeper, and it took the researchers roughly thirty seconds to bypass the newly implemented security checks.
For the time being, OS X users remain vulnerable to attacks and computer hijacking when installing new applications. Downloading any executable from a website rather than the App Store should be avoided at all costs until Gatekeeper is properly secured again. Apple has already indicated a major patch will be coming soon, although no official date has been released.
Bitcoin Users Remain Vulnerable
It goes without saying this Gatekeeper vulnerability is a major threat to Bitcoin users on the OS X platform. If they were to install a new application, there is always a chance of additional software being installed behind the scenes. As Bitcoin become more popular, hackers all over the world will do their best to steal user wallets, regardless of operating system.
OS X users are advised not to install any new applications on their systems – other than those in the App Store – to avoid Bitcoins being stolen. Even though the risk may seem small right now, it only takes one mistake to lose money in the Bitcoin world, and chargebacks do not exist in the digital currency ecosystem.
What are your thoughts on the Gatekeeper vulnerability? Will it affect bitcoin users in the long run? Let us know in the comments below!
Source: Tweakers
Images courtesy of Gatekeeper, Apple, Shutterstock
No comments:
Post a Comment