In a bit of a turnaround, Microsoft has warned Apple macOS users to update their devices to the latest patch level, after the company disclosed a bug in Apple’s Transparency, Consent, and Control (TCC) technology which could allow attackers to install spyware.
The so-called “powerdir” vulnerability (CVE-2021-30970) was discovered by Microsoft and disclosed to Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR), and allows attackers to spoof the Transparency, Consent, and Control feature.
TCC is a technology dating to 20212 which is designed to prevent apps from accessing users’ personal information without their prior consent and knowledge.
“We discovered that it is possible to programmatically change a target user’s home directory and plant a fake TCC database, which stores the consent history of app requests. If exploited on unpatched systems, this vulnerability could allow a malicious actor to potentially orchestrate an attack based on the user’s protected personal data. For example, the attacker could hijack an app installed on the device—or install their own malicious app—and access the microphone to record private conversations or capture screenshots of sensitive information displayed on the user’s screen.”, said Microsoft in a blog post.
Apple released a fix for the issue on the 13th December 2021 and Microsoft is urging macOS users to apply the patches as soon as possible.