APPLE PING!
If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.
If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.
PSA: Update your Mac to macOS 11.3 immediately to protect against ‘worst hack in years’
Tuesday, April 27, 2021 5:23 pmApple on Monday released macOS 11.3 and, if you have not yet done so, you should update your Mac to macOS 11.3 immediately to protect against “worst hack in years.” Patrick Wardle, a former NSA analyst and a macOS security expert, has described it as one of the worst security issues to have ever hit the Apple operating system.
Thomas Brewster for Forbes:
Malicious hackers can and have created malware that, though unsigned, is misclassified by Apple’s operating system, thanks to a logic error in macOS’ code. That means malware can skip all the checks done by Apple’s security mechanisms like Gatekeeper and File Quarantine, which are designed to stop any unapproved, dangerous apps from running.There’s one caveat: The hackers have to convince a user to download or run an app that’s not in the App Store or allowed by Apple. But once that’s done, the malware won’t be stopped installing by the Mac’s defensive tools, though macOS should stop any changes to critical system files and ask the user if the app can access photos, the mic or other systems. For anyone still running an unpatched macOS, Wardle’s advice was simple: “Don’t open anything from anybody.”
It affects all recent versions of macOS but Apple has released a patch that prevents the attacks. Version Big Sur 11.3 is available now and contains other fixes besides addressing this bug.
An Apple spokesperson said the company has now addressed the issue in macOS 11.3 and updated XProtect, its malware detection, to block the malware using this technique. That XProtect update will happen automatically and retroactively apply to older versions of macOS.
MacDailyNews Take: Again, if you haven’t already, update now. Choose System Preferences from the Apple menu , then click Software Update to check for updates, and click the Update Now button.
However, as they just told everyone, the hackers have to convince the potential victims to download this malware from a non-trusted site and install it.
They also informed you that Apple has pushed out an update to the built-in X-Protect to every MacOS computer on line, which is done within 24 hours of Apple having a solution finished and having tested that solution to make sure it does indeed block the attack.
The upshot is that we know Apple has now sent out blocking definitions to prevent this malware from being downloaded, installed or run (unless the user is industrial strength stupid and over-rides the malware alerts at each step), so the up-grade imperative is not quite so important as these journalists make it seem. — Swordmaker
upgraded on my SE2 and it ate my voicemail PW.
I reset that,
an hour later it requested resetting again on the next message that was left.
3 finger zoom was enabled before the upgrade but began acting haywire after. IMHO This upgrade isn’t stable.