https://safirsoft.com Patched macOS vulnerability allows remote attackers to execute code

Internet shortcuts have the ability to execute code. The latest Mac is not fully patched.

macOS Code Execution Error Apple allows remote attackers to execute arbitrary commands on your device. And the worst part is that Apple hasn't fully patched it yet, as tested by Ars.

These Shortcuts Can Take Over Your Mac

Independent security researcher Park Minchan has discovered a vulnerability in macOS that allows threat actors to execute commands on your computer. Shortcut files with the inetloc extension can put commands inside. This defect affects macOS Big Sur and earlier versions.

"A vulnerability in how macOS handles inloc files causes inline commands to be executed. The commands it executes can be randomly running place for macOS. Minchan explains that user commands without any warning/request "" basically, inetloc files are shortcuts to an Internet site such as an RSS feed or telnet site; connections are SSH and Telnet; they can be created by typing a URL into a text editor and dragging the text to the desktop."

Internet shortcuts are found on Windows and macOS. But these specific errors negatively affect macOS users, especially those who use a native email client like Mail.

For example, opening an email with an inetloc attachment via the "Mail" application causes an undisclosed vulnerability in the test email under "test.inetloc" shortcut file, click this machine Calculator running on macOS:

Attachment Zoom in/attach 'inetloc' when viewed via macOS Mail.Ax Sharma is weak

The reason for the vulnerability is very simple. Usually Internet shortcut file contains a URL. But what if you enter the URL "File://"? Now you can try it on your Mac. Equivalent file: // location in the address bar, Internet shortcuts or inetloc files can be easily created to show addresses URL of "file://" vs HTTP URLs.

Although Apple is aware of the error and starts with Big Sur, include file: // URLs can be changed in Internet shortcuts in-text, block bypass :

"Newer versions of macOS (from Big Sur) have banned the file:// prefix (explained in Minchan).

I tested this theory on my macOS. Big Sur 11.3.1 uses the proof-of-concept (PoC) code provided by Minchan and can verify that the error has not been completely debugged:

The macOS RCE proof-of-concept code that contains the code to run the calculator. Magnification / Bug Proof macOS RCE that contains the code to run the calculator program.

This snippet, which contains only eight lines of code, is what the calculator showed above. But any skilled threat player can modify this test code to fully execute the malicious code on the victim device.

Apple Mac users are warned to be careful when opening .inloc Internet shortcuts, especially those in email attachments.

Patched macOS vulnerability allows remote attackers to execute code
patched-macos-vulnerability-allows-remote-attackers-to.html

https://safirsoft.com How hackers hijacked thousands of important YouTube accounts

How hackers hijacked thousands of important YouTube accounts

The wave of attacks has turned manufacturers' channels into cryptocurrency scams.

At least since 2019, popular YouTube channels have been tak...

https://safirsoft.com Passengers will not be able to travel after the NHS vaccine passport goes offline

Passengers will not be able to travel after the NHS vaccine passport goes offline

The power outage lasted about 4 hours and caused problems with the health program.

Britain's COVID Pass card system was suspended for hours o...

https://safirsoft.com Verizon Visible Wireless Verifies Compromised Customer Accounts

Verizon Visible Wireless Verifies Compromised Customer Accounts

Visible customers are confused when they see hackers from their account.

Several Visible Wireless subscribers reported having their accounts ...

https://safirsoft.com Hacker X - The American Who Created The Pro-Trump Fake News Empire - Disguises

Hacker X - The American Who Created The Pro-Trump Fake News Empire - Disguises

He was set to make fake news but now he wants to fix everything.

This is the story of the mastermind behind one of the largest "fake news" op...

https://safirsoft.com US government sues contractors to cover up abuses

US government sues contractors to cover up abuses

The Civil Internet Fraud Initiative allows data breaches to be reported to government contractors. The latest violation of the Civil Initiative on Cyb...
https://safirsoft.com Twitch admits to a massive leak that reveals source code and manufacturers revenue

Twitch admits to a massive leak that reveals source code and manufacturers revenue

Twitch confirms the information breach but is investigating the matter fully.

Twitch's live video streaming service has been hacked and 125GB...