Project Zero from Google has been quite active in diagnosing and fixing bugs for some time, and this time, a more important revelation is made. After waiting for a long period of time, the Project Zero has shared more details about a high-severity bug in macOS Kernel, affecting a huge number of devices running on the OS. It has revealed the details after providing Apple a 90-day period for patching the issue.
Talking about the bug, the official data from Project Zero says that “this means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug.” This bug is being called ‘BuggyCow,’ and it can cause serious problems to each and every macOS user out there. Essentially, it allows an attacker to bypass several layers of protection that are built into macOS.
There may be multiple mounted file-system images in a Mac, and all these contain important information in most cases. Because of the aforesaid bug, the security of these images are at stake. An attacker will be able to make modifications to the file-system images. Of course, making use of this vulnerability would require a normal attacker to install a malware on a Mac in the first place.
Another condition is that there must be macOS apps that are storing sensitive information on hard drive — instead of going for the obvious choice of memory. If both these conditions are fulfilled, manipulation of the data would be an easy task for the attacker. The problem here is that Apple has not come forward to fix the issue yet.
According to several developers involved in Project Zero, Apple was intimated about the issue and the firm has declined to take the necessary action. Google has waited for three months before publishing the details of the bug.