Update now: critical macOS security flaw patched in Big Sur 11.3

data privacy
(Image credit: Shutterstock / Zeeker2526)

The latest update to Apple's macOS operating system has arrived today – Big Sur 11.3 – and security experts are urging all users to install the update as it contains a critical fix.

The update patches a loophole discovered by security researcher Cedric Owens, which "allows an attacker to very easily craft a macOS payload that is not checked by Gatekeeper," according to Owens. 

"This payload can be used in phishing and all the victim has to do is double click to open the .dmg and double-click the fake app inside of the .dmg – no pop ups or warnings from macOS are generated."

Another security researcher, Patrick Wardle, has found that the loophole is already being exploited by malware installers, with his blog post going into extensive detail on the mechanisms of the exploit.

Unlocked gate

Normally, when a suspicious file has the potential of doing harm to the user's system (typically, an executable file or program in disguise), macOS will utilize its Gatekeeper function to warn users of the type of file they're actually installing, despite how it may otherwise be presented.

The loophole discovered by Owens allows hackers to trivially bypass Gatekeeper, as well as a number of other core security measures, so the user wouldn't receive any warnings between double-clicking the downloaded file and it running on their system.

In order to abuse this vulnerability, an attacker would need to craft an application bundle using a script as the main executable and not create an Info.plist file. This application would then need to be placed into a dmg file for distribution. When the dmg is mounted and double clicked, the combination of a script-based application with no Info.plist file executes without any quarantine, signature or notarization verification.

As of Big Sur 11.3, malicious files that fit the above description will now present an error message saying that the file "cannot be opened because the developer cannot be identified."

Apart from this critical fix, the latest macOS update adds a variety of support features for Apple's latest AirTag tracking products, as well as improved iPhone and iPad app integration on the M1 Mac products.

For most users, the macOS should automatically update to the latest version, or a message prompt should allow you to do so. If that's not the case, navigate to System Preferences to find the software update and manually install it from there.

Harry Domanski
Harry is an Australian Journalist for TechRadar with an ear to the ground for future tech, and the other in front of a vintage amplifier. He likes stories told in charming ways, and content consumed through massive screens. He also likes to get his hands dirty with the ethics of the tech.
Read more
Apple Siri
Update your Apple device now: iOS 18.3.2 fixes a flaw that could be exploited by hackers
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Apple's new "Share Item Location" feature for AirTags.
Apple security alert - zero-day patched, so update your devices now
An iPhone with a 10:30am alarm ringing next to an Apple Watch that displays the time as 12:42pm
Apple warns "extremely sophisticated attack" hits iPhones and iPads, so update now
Security
Microsoft reveals more on a potentially major Apple macOS security flaw
Someone checking their credit card details online.
Apple forced to patch iOS and macOS security flaw that could have leaked your private info
Latest in macOS
macOS Catalina
A secret project, a stubborn developer, and a lot of glossy icons: here's the story behind macOS’s Dock as it turns 25
A woman sitting on a couch cross-legged and using a laptop
Essential apps and features to start getting the most out of your brand-new Mac
A woman sitting at a table with various objects on it, including a MacBook, a mug, a book, an opened notebook, and holding her head with her hands as if in frustration
It looks like macOS Sequoia 15.2 update breaks third-party bootable backups - and that has me worried
Genmoji Cowboy Frog Apple Intelligence
macOS Sequoia 15.3 beta brings Genmoji to Mac, allowing you to serve up custom emojis that really represent you
Person using a MacBook sat on sofa
Your Mac’s menu bar will finally get a weather widget in macOS Sequoia 15.2 – plus these Apple Intelligence features
The Apple Magic Mouse on a white surface next to the Magic Keyboard.
Planning to buy Apple’s new USB-C Magic accessories? Make sure you’re running macOS Sequoia 15.1 first
Latest in News
The SAG-AFTRA San-Fransisco-North California Local
SAG-AFTRA union and video game industry bargaining group remain at odds as agreements on AI protections still 'frustratingly far apart'
Data center racks with cables and servers
Data centers are being pushed to their limits, but digital twins could help
A collage of Tom Holland's unmasked Spider-Man and Sadie Sink's Max in Stranger Things season 4
Marvel reportedly casts Stranger Things star Sadie Sink in Spider-Man 4, but I don't want her to tackle the roles she's rumored to play
Google Gemini Robotics
Gemini just got physical and you should prepare for a robot revolution
Lilo & Stitch Official Trailer
Stitch crashes into earth and steals our hearts with the first trailer for the live-action Lilo & Stitch
GTA 5
GTA Online publisher Take-Two is gunning for a black market that’s basically heaven for cheaters