Microsoft Warns of SIP-Bypassing ‘Shrootless’ macOS Vulnerability

Microsoft is warning of a vulnerability impacting macOS that could bypass System Integrity Protection (SIP)....
Microsoft Warns of SIP-Bypassing ‘Shrootless’ macOS Vulnerability
Written by Matt Milano
  • Microsoft is warning of a vulnerability impacting macOS that could bypass System Integrity Protection (SIP).

    SIP prevents unauthorized code from executing on macOS, and is one of the layers Apple employs to keep the OS secure. In particular, SIP is designed to keep an account with root access from doing something that could compromise the system.

    According to Microsoft, the vulnerability, dubbed Shrootless, “could allow an attacker to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device.”

    Microsoft has shared its findings with Apple, so hopefully there will be a fix shortly.

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit