Update now: critical macOS security flaw patched in Big Sur 11.3

data privacy
(Image credit: Shutterstock / Zeeker2526)

The latest update to Apple's macOS operating system has arrived today – Big Sur 11.3 – and security experts are urging all users to install the update as it contains a critical fix.

The update patches a loophole discovered by security researcher Cedric Owens, which "allows an attacker to very easily craft a macOS payload that is not checked by Gatekeeper," according to Owens. 

"This payload can be used in phishing and all the victim has to do is double click to open the .dmg and double-click the fake app inside of the .dmg – no pop ups or warnings from macOS are generated."

Another security researcher, Patrick Wardle, has found that the loophole is already being exploited by malware installers, with his blog post going into extensive detail on the mechanisms of the exploit.

Unlocked gate

Normally, when a suspicious file has the potential of doing harm to the user's system (typically, an executable file or program in disguise), macOS will utilize its Gatekeeper function to warn users of the type of file they're actually installing, despite how it may otherwise be presented.

The loophole discovered by Owens allows hackers to trivially bypass Gatekeeper, as well as a number of other core security measures, so the user wouldn't receive any warnings between double-clicking the downloaded file and it running on their system.

In order to abuse this vulnerability, an attacker would need to craft an application bundle using a script as the main executable and not create an Info.plist file. This application would then need to be placed into a dmg file for distribution. When the dmg is mounted and double clicked, the combination of a script-based application with no Info.plist file executes without any quarantine, signature or notarization verification.

As of Big Sur 11.3, malicious files that fit the above description will now present an error message saying that the file "cannot be opened because the developer cannot be identified."

Apart from this critical fix, the latest macOS update adds a variety of support features for Apple's latest AirTag tracking products, as well as improved iPhone and iPad app integration on the M1 Mac products.

For most users, the macOS should automatically update to the latest version, or a message prompt should allow you to do so. If that's not the case, navigate to System Preferences to find the software update and manually install it from there.

Harry Domanski
Harry is an Australian Journalist for TechRadar with an ear to the ground for future tech, and the other in front of a vintage amplifier. He likes stories told in charming ways, and content consumed through massive screens. He also likes to get his hands dirty with the ethics of the tech.
Read more
Apple Siri
Update your Apple device now: iOS 18.3.2 fixes a flaw that could be exploited by hackers
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Apple's new "Share Item Location" feature for AirTags.
Apple security alert - zero-day patched, so update your devices now
An iPhone with a 10:30am alarm ringing next to an Apple Watch that displays the time as 12:42pm
Apple warns "extremely sophisticated attack" hits iPhones and iPads, so update now
Security
Microsoft reveals more on a potentially major Apple macOS security flaw
A person at a laptop with a cybersecure lock symbol floating above it.
Parallels Desktop has some worrying security flaws for Mac users
Latest in macOS
macOS Catalina
A secret project, a stubborn developer, and a lot of glossy icons: here's the story behind macOS’s Dock as it turns 25
A woman sitting on a couch cross-legged and using a laptop
Essential apps and features to start getting the most out of your brand-new Mac
A woman sitting at a table with various objects on it, including a MacBook, a mug, a book, an opened notebook, and holding her head with her hands as if in frustration
It looks like macOS Sequoia 15.2 update breaks third-party bootable backups - and that has me worried
Genmoji Cowboy Frog Apple Intelligence
macOS Sequoia 15.3 beta brings Genmoji to Mac, allowing you to serve up custom emojis that really represent you
Person using a MacBook sat on sofa
Your Mac’s menu bar will finally get a weather widget in macOS Sequoia 15.2 – plus these Apple Intelligence features
The Apple Magic Mouse on a white surface next to the Magic Keyboard.
Planning to buy Apple’s new USB-C Magic accessories? Make sure you’re running macOS Sequoia 15.1 first
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over