Summary: Many Mac users have reported Apple macOS Critical Privilege Escalation Vulnerability on macOS BigSur 11. If you are using macOS BigSur 11 version, read this blog to learn more about this issue and what precautions you should take to keep your Mac safe from any impending cyber-attacks.
Contents
Apple has released a high-priority emergency alert to address a critical kernel privilege escalation vulnerability in macOS BigSur 11.0.0. This problem in the macOS allows cyber-criminals to execute an arbitrary ransomware code with kernel privilege in the user?s system.
How is the macOS Critical Privilege Escalation Vulnerability dangerous?
The vulnerability issue in macOS BigSur 11 allows an attacker to insert and execute an arbitrary harmful code with Kernel privileges in the AppleAVD extension. This results in audio and video decoding available for the attacker. As it?s an unknown flaw, it has been designated as zero-day.
Why should you worry about it?
As soon as Apple makes a zero-day vulnerability public, it lets the attackers know that the issue will be quickly resolved. In anticipation, the attackers accelerate their attacks before this window of opportunity is closed.
This is the sixth zero-day vulnerability that has appeared since January 2023. Each such exposure opens up millions of users worldwide to be targeted for cyber attacks.
If you?re also using macOS BigSur 11, you should immediately take precautionary measures to restrict your system from unauthorized access.
What are the risks involved?
The vulnerability allows the attackers to access data on the affected device and further their entry into the user’s internal network. As a result, the attacker gains access to the systems that are networked with the affected Mac, even if they are not connected to the internet.
The attacker might steal your confidential and sensitive data. In addition, if you have a network of systems and any of those systems are used to store your client’s information, the vulnerability puts the client’s data at risk.
Suppose the attacker gains access with kernel privileges. In that case, he can deploy ransomware to your Macs. Moreover, the macOS Critical Privilege Escalation Vulnerability grants him unrestricted access to your system?s CPU with kernel privileges, leading to data loss, interrupted operations, financial losses, etc., diminishing your organization’s reputation.
What should you do?
There are specific recommendations from Barracuda MSP to reduce the impact of harmful code execution attacks:
- Update your macOS BigSur to version 11.6.6 or later
- Activate firewall for CouchDB installations
- Update all the applications to their latest versions
- Follow any future advisories released by Apple
You can visit the following links for more in-depth information
Note: If you have already lost any data due to the macOS Critical Privilege Escalation Vulnerability, download Stellar Data Recovery Professional for Mac to recover your valuable data.
Conclusion
Apple already acknowledges the issue, and soon it will be resolved through an update or other assistance. Moreover, the advisory from Barracuda MSP can be used as an immediate remedy to the problem. You need to follow the advisory for now and keep a vigilant eye on your system and data. In case of any suspicious activity, report it to Apple, or you can share it with us in the comment section below. We will update you about any further developments in this regard.
