Wardle confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the “most common threat” that Macs faced in 2019. Notably, the “Shlayer” malware was deemed by Kaspersky as the most likely threat for a Mac to experience in 2019. Reported by TechCrunch, security researchers Peter Dantini and Patrick Wardle discovered that Apple accidentally notarized a popular malware hiding inside a Flash Player update.
When approved, that gives the green light to the macOS Gatekeeper feature that an app is safe to run. In contrast, Mac users can download apps from the App Store as well as anywhere on the internet.Įven though Mac apps downloaded outside of the App Store don’t go through the same review process, Apple still requires them to be notarized (as of last year), which puts software through a security review looking for things like malicious code. IOS is more locked down and naturally more secure than Mac overall because all apps need to be downloaded through the App Store. While the original flaw was quickly fixed, another similar one has popped up.
In the case of the Mac, a new report highlights how Apple accidentally approved one of the most common malware threats to run on recent versions of macOS. While Apple’s devices are typically more secure than the competition, that doesn’t mean they’re immune to flaws.
