Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS's System Integrity Protection (SIP).
The vulnerability, tracked as CVE-2024-44243 with a CVSS score of 5.5, enabled attackers with 'root' access to bypass SIP and install rootkits, create persistent malware, and bypass Transparency, Consent, and Control (TCC) protections.
Microsoft researchers highlighted the importance of monitoring processes with special entitlements, such as com.apple.rootless.install and com.apple.rootless.install.heritable, which can bypass SIP restrictions.
In December 2024, Apple released macOS Sequoia 15.2 to patch the vulnerability. This disclosure follows a previous discovery by Microsoft of a vulnerability in Apple's Transparency, Consent, and Control (TCC) framework in macOS.
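
A starting point for the entitlement monitoring described above is an inventory of which binaries carry the two entitlements. The following is an added example, not code from Microsoft or Apple: it parses entitlements plists (the XML that `codesign -d --entitlements` can emit for a signed binary) and reports any that grant them. The file paths and plist contents are constructed sample data.

```python
import plistlib

# Entitlements the page names as able to bypass SIP restrictions.
WATCHED = (
    "com.apple.rootless.install",
    "com.apple.rootless.install.heritable",
)

def watched_entitlements(blob: bytes) -> list[str]:
    """Return the watched entitlements that are granted (set to true) in a plist."""
    try:
        data = plistlib.loads(blob)
    except Exception as exc:  # InvalidFileException, ExpatError, ...
        raise ValueError("unparseable entitlements plist") from exc
    if not isinstance(data, dict):
        raise ValueError("entitlements plist is not a dictionary")
    # A key that is present but false does not grant anything.
    return [name for name in WATCHED if data.get(name) is True]

def audit(inventory: dict[str, bytes]) -> dict[str, list[str]]:
    """Map each binary path to its watched entitlements; clean binaries are omitted."""
    findings = {}
    for path, blob in inventory.items():
        try:
            hits = watched_entitlements(blob)
        except ValueError:
            # Do not let a malformed blob silently pass the audit.
            hits = ["<unparseable entitlements>"]
        if hits:
            findings[path] = hits
    return findings

def _plist(entries: str) -> bytes:
    """Build a constructed entitlements plist for the sample inventory."""
    head = '<?xml version="1.0" encoding="UTF-8"?>\n<plist version="1.0"><dict>'
    return (head + entries + "</dict></plist>").encode()

# Constructed sample inventory: hypothetical paths, hand-written plists.
SAMPLE = {
    "/opt/example/bin/installer-helper":
        _plist("<key>com.apple.rootless.install.heritable</key><true/>"),
    "/opt/example/bin/editor":
        _plist("<key>com.apple.security.app-sandbox</key><true/>"),
    "/opt/example/bin/disabled":
        _plist("<key>com.apple.rootless.install</key><false/>"),
    "/opt/example/bin/broken": b"not a plist",
}

if __name__ == "__main__":
    for path, hits in audit(SAMPLE).items():
        print(path, ", ".join(hits))
```

Binaries reported here are the ones whose process activity, including any child processes they spawn, is worth baselining and alerting on.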