Security researchers have found that Apple’s latest MacOS update allows apps to bypass content filters and VPNs, potentially making the way for malware to do the same.
Apple recently released Big Sur, the latest update for MacOS. However, some new features haven’t been received warmly. Security researchers have discovered that Apple is allowing some of its own apps to bypass some content filters and VPNs.
Around 50 different Apple processes bypass Apple’s own NEFilterDataProvider, which is used by firewalls and VPNs to filter traffic. However, the list exempting these processes is undocumented and can’t be edited.
This can open up Apple users to risk as malware can leverage the access these apps have to bypass and evade traditional VPNs and security tools. A security researcher was even able to demonstrate exactly how a hypothetical malware could send malicious traffic through the excluded processes.
Because this vulnerability has been recently discovered, there’s no evidence that there’s any specific malware that’s exploiting this issue but it’s something to keep note of. Many developers and security researchers have reached out to Apple alerting them to the issue but there’s no current fix or update available.
There may be a fix available in the form of an update in the future or there may be other security measures in place to prevent this kind of problem.
Other users and outlets have also documented how Big Sur has user issues and bugs so if you haven’t updated your device yet, you may want to hold off until a later release.
To learn more about the Big Sur vulnerability, check out Threatpost’s article here.