Published on January 18th, 2016 📆 | 4874 Views ⚑


Mac Malware: Researchers Found A Way To Patch Malware


Apple’s OS X has a built-in anti-malware Gatekeeper system whose purpose is to protect Macs from cyber attacks from all over the world. 

In September 2015, Gatekeeper exploit was reported but still there is no comprehensive solution provided by the Apple. But Fortunately, a bug has been found by the researchers to solve/patch this problem.

Parick Wardle was the first person who revealed the flaw through his blog post. He wrote that
“Even on a fully-patched OS X 10.11.2 system, Gatekeeper is trivial to bypass,"

Working of Gatekeeper:

-    Before the apps launched on Mac, it carries only several checks.

[adsense size='1']
-    It verifies only the first app that user launch and unable to prevent apps from running or loading other apps.
-    It blocks all those applications that downloaded from the Mac App Store or from identified developers.Activity He Performs:

When the security flaw allowed Wardle to download such program that contains hidden and unsigned malicious files on the Mac, then Gatekeeper didn’t do anything for preventing it.
Previously it was said by  Wardle, that the company is working to patching this problem but the Gatekeeper security hole was not patched up till October 2015 also.Wardle said in his blog post that
“I’ll be releasing a personal tool that can generically thwart such attacks, protecting OS X users,”

Wardle released a newer tool named as Ostiarius(able to provide global protection that affects all the Mac's users as it runs on Kernel level). Which is having the capability to do the better job than Gatekeeper to prevent from such attacks for the protection of OS X users because it blocks the execution of all unsigned Internet binaries. Whenever the tool does its job, a message will be entered into the Mac's system log which specifies what Ostiarius blocked.
[adsense size='2']
-    Users can stay safe only by sticking to downloading apps from the Mac App Store or trusted sites that are using HTTPS encryption.

Comments are closed.