We Are Segment’s CEO research activity, a Cyber Security society of the Interlogica group, never stops. Just yesterday, Filippo Cavallarin published a detailed technical advisory on a recently discovered weak point in the Mac OS system.
The bug of the DOM based Cross site scripting (XSS) kind, concerns the Apple Quarantine feature. Following the standard procedure, as explained in a Security Week article, “When a file is downloaded from the Internet, macOS places it in “quarantine” by assigning it the com.apple.quarantine extended attribute. This ensures that the user is alerted of the potential security risks before the file is executed”.
MAC OS X VULNERABILITY
The bug concerns macOS 10.12, 10.11 and 10.10 editions and, possibly, even older versions of the operating system. Apple was warned about this issue of the 27th of June 2017, through the SecuriTeam Secure Disclosure (SSD) of Beyond Security.
HOW THIS VULNERABILITY CAN BE EXPLOITED
This html file contains two DOM XSS based vulnerabilities that the cracker can exploits through URI (Uniform Resource Identifier) components.
Segment’s CEO also published a tutorial video explaining how a cyber criminal can use this buck, stealing sensible data to the unlucky user.
Apple solved this issue with the release of Mac OS X High Sierra, but did not mention this problem in the changelog.
Segment is part of the Interlogica group and offers many services, from consultations to advanced technology training in the branch of IT security.