Apple has released a new security update for its Mac computers that fixes a vulnerability that could allow attackers to take control of the machines. The update, which is available now, includes a fix for the “powerdir” vulnerability, which affects Apple’s Macs running OS X 10.9 Mavericks. If an attacker were to exploit this vulnerability, they could take control of the machine and execute arbitrary code on it. This update also includes a fix for another vulnerability that could be used to steal data from Macs. This attack is known as the “Faulty Disk” attack and it involves exploiting a flaw in Apple’s Disk Utility software. Apple has warned users about the new security update and has advised them to install it as soon as possible. The company also recommends that users turn off any features that are not needed by the updated software and reboot their machines if they have not done so already.


Interestingly, the vulnerability, which is called CVE-2021-30970, was detailed by the Microsoft 365 Defender Research Team in an intense blog post. Microsoft alerted Apple through the Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) on July 15, 2021. Apple then fixed it on December 13, 2021.

“Microsoft security researchers continue to monitor the threat landscape to discover new vulnerabilities and attacker techniques that could affect macOS and other non-Windows devices,” said Microsoft.

According to Apple’s patch page, “A malicious application may be able to bypass Privacy preferences.” To fix it, “A logic issue was addressed with improved state management.”

The attack is designed to bypass the operating system’s Transparency, Consent, and Control (TCC) technology, giving the attacker unauthorized access to a user’s protected data. This is far from the first TCC vulnerability reported. In fact, the very same patch that fixed the one Microsoft discovered also addressed a few others.

Based on the technical details Microsoft shared, specifically the mention that “it is possible to programmatically change a target user’s home directory and plant a fake TCC database, which stores the consent history of app requests,” this attack must be performed locally. This means you’d have to run specific software on your Mac for them to gain access, or they’d need to actually be sitting in front of your computer.

According to Microsoft, “Using this exploit, an attacker could change settings on any application.” Microsoft also said that its exploit “allows the modification of settings to grant, for example, any app like Teams, to access the camera, among other services.”

If you’ve already updated your Mac to the latest versions, you don’t need to worry about this particular vulnerability (that doesn’t mean new attacks won’t pop up). If you’re reluctant to update your Mac for one reason or another, let this major vulnerability serve as a reminder to keep your precious computer updated, as it’s essential for your safety.