Tenable Research has today disclosed multiple security-related issues affecting macOS application installers. These issues include the ability to bypass default macOS security mechanisms regarding signed application installers, which are designed to prevent malicious scripts from running. The team also warned all application developers about a possible security “gotcha” to be aware of when generating installers for their applications.
Installing new applications is something every macOS user is familiar with. The flaws identified by Tenable, and discussed in this blog post, have the potential to affect each and every user that ever has a need to install a new application, particularly applications that require a password to be entered before installation, such as Microsoft Teams.
The flaws identified could also allow malicious actors that have previously gained access to the system to elevate their privileges without the user being notified. This would give an attacker complete control over the user’s system. This could allow the attacker to spread malware, steal confidential information, or a number of other nefarious tasks.
These issues remain unpatched. Apple has stated that the security bypass method identified by Tenable Research is expected behavior and operates as intended. Apple also said that the security enhancement recommended by Tenable for the installer subsystem is the responsibility of individual developers and is not a security issue, despite having fixed a similar issue reported in 2020.
