成人小说亚洲一区二区三区,亚洲国产精品一区二区三区,国产精品成人精品久久久,久久综合一区二区三区,精品无码av一区二区,国产一级a毛一级a看免费视频,欧洲uv免费在线区一二区,亚洲国产欧美中日韩成人综合视频,国产熟女一区二区三区五月婷小说,亚洲一区波多野结衣在线

A newly discovered flaw in the macOS operating system could allow intruders to take screenshots, record video, or access files on a hard drive without the machine owner’s knowledge.

A report from cybersecurity research firm Jamf says the bypass performs an end-run around a privacy feature known as Transparency Consent and Control, which controls the resources applications have access to, as a privacy safeguard. (This is the feature that asks for a user's permission when an app wants access to the camera or microphone, for example.)

A type of malware, dubbed XCSSET, which was first discovered last year, has found a way to use permissions obtained by other apps to bypass TCC, giving it broad access to infected Macs.

“The detection team noted that once installed on the victim’s system, XCSSET was using this bypass specifically for the purpose of taking screenshots of the user’s desktop without requiring additional permissions,” Jamf wrote.

That’s especially troublesome in an environment where people are working from home and using their Macs for activities such as Zoom calls, which can be especially vulnerable. In one example Jamf illustrated, the malware was able to hook into Zoom and record the user’s screen without any sort of prompt.

Apple already has issued a patch to keep XCSSET from using this vulnerability and is encouraging anyone running macOS 11.4 or later to download it immediately.

This isn’t the first security issue for Apple this year. Security experts sounded a warning that a feature tied with AirDrop could put the personal information of 1.5 billion users at risk in April.