Cyber security news for all


    TextEdit in macOS contains a security vulnerability

    Apple’s text editor TextEdit, which has been around for years contains a gap that malware can use to break out of the macOS sandbox. The vulnerability has been around for quite some time, but Apple doesn’t see it as a problem and probably won’t fix it.

    The sandbox is supposed to ensure that applications are limited in their ability to access system data so that certain security problems do not arise. Apple has long made it compulsory to use them for app store applications. The sandbox usually ensures that a file written by an app receives a quarantine flag. This means that a sandbox app cannot simply create a malicious shell script that could then be executed outside of the sandbox.When you save it, the quarantine flag is also removed, which allows the script to be executed outside the sandbox. This should appear very harmless to the user because nobody thinks TextEdit is dangerous. Many users should allow an app to control TextEdit because they do not see it as a threat.

    TextEdit Is Used Innocently By Many Users

    Apple sees no problem with TextEdit and consequently no need for action. The gap is at least included in macOS, but experts were also able to trace it in the previous version macOS Mojave. The problem is that TextEdit is used innocently by many users who will certainly not expect security problems in connection with the simple text program.

    Various apps, including popular tools such as the text editor BBEdit, have a special entitlement with which the apps could break out of their own sandbox. Users would not have to explicitly approve this. The entitlement cannot be deselected by the user.

    Recent Articles

    Cyber threats become more dangerous to secure the digitization

    The pandemic has provided a boost to digital world. But now it is important to secure it. Examples of developments in the pandemic are...

    Sopra Steria was encrypted with Ryuk ransomware

    Last week, there was a successful ransomware on the servers of the French provider Sopra Steria. In an extremely brief statement, the company only...

    Emotet takes unusual approaches and loads new malware

    Even those who are not concerned with the security have mostly heard of Emotet. The malware has been up to mischief for several years,...

    Cyber criminals could exploit the Oracle network

    The software manufacturer Oracle network only holds its updates every three months. Oracle speaks of security gaps - Due to the extensive product range...

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox