Contents
Redmond giant Microsoft has uncovered a vulnerability in Apple’s macOS. The vulnerability, now identified as CVE-2023-26706, could allow specially crafted codes to escape the App Sandbox and run unrestricted on a Mac. Microsoft shared its findings with Apple in October 2021 last year. They did it through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR).
Apple engineers worked on the bug and released a security update earlier this year to fix the App Sandbox vulnerability. Microsoft uncovered the bug in a blog post when Apple successfully fixed it. Stay tuned to the article if you are a macOS user and want to safeguard yourself from the App Sandbox vulnerability. Here we have explained the steps you can take to keep your Mac safe from this bug.
What is App Sandbox in macOS?
App Sandbox is Apple’s access control technology. App developers must adopt App Sandbox before they submit their apps to Mac App Store. The App Sandbox enforces a customizable rule to an app process. It includes reading or writing specific files. It also restricts processes from accessing system resources and user data. When an app gets compromised, App Sandbox minimizes the damage.
App Sandbox Vulnerability
Microsoft security researchers find that a specially crafted code can easily bypass the App Sandbox rules. A hacker can use this vulnerability to get elevated privileges on the affected device or install additional payloads. Microsoft security team found this vulnerability when researching potential ways to run and detect malicious macros in Microsoft Office on Mac.
Microsoft Word can read or write files with the “~$” prefix for backward compatibility. The team found that it was possible to escape the sandbox with the help of the “~$” prefix. Hackers could have leveraged Launch services in macOS to run an open -stdin command on a specially crafted Python file with the “~$” prefix. The research also discovered that the bug could have bypassed macOS built-in baseline security features, compromising system, and user data.
Safeguard From App Sandbox Vulnerability
The good thing is Apple has fixed the bug in the security updated releases on 16 May 2023. To safeguard your Mac from App Sandbox Vulnerability, you must install those security updates on your Mac. If you don’t know how to do it, below are the steps to check security updates and install them on a Mac.
Step 1: Tap the Apple Logo in the top left corner.
Step 2: From the Apple menu options, tap on System Preferences. Alternatively, you can use open System Preferences from Launchpad or use the Spotlight search box.
Step 3: In System Preferences, tap on Software Update.
Step 4: Your Mac will start checking for Software Updates. If an update is available for your Mac, download and installs it as soon as possible.
That’s it; This is how you can safeguard your Mac from App Sandbox vulnerability.
Recover Lost Data Due To App Sandbox Vulnerability
The above steps are sufficient enough to protect your Mac from App Sandbox vulnerability. However, if you have fallen victim to this vulnerability and lost data, don’t worry; you can get your data back. All you need is functional data recovery software. If you ask us, we will recommend Stellar Mac Data Recovery Software. Wonder why?
The software recover deleted files such as photos, videos, and documents for free. No activation code is needed to recover up to 1GB of data. Apple Mac lineup is growing through Apple Silicon transition. And if you have a Mac with Apple M1 or M2 chip, the Stellar Mac Data Recovery software is fully compatible. It supports the latest macOS Monterey 12 as well as older macOS versions. It will get the support for the upcoming macOS 13 Ventura when it becomes available later this year.
Talking about storage devices, it supports recovery from SSD, portable HDD, etc. You can recover files from Fusion Drive or Time Machine devices. It supports hundreds of file formats so you can get back your deleted Photos, iMovie, GarageBand, Pages, or Mails files. You can even recover deleted Word, PowerPoint, and Excel files. If you have emptied trash on your Mac, Stellar Mac Data Recovery software will also help you in that situation.
Do all these features sound interesting? Below are the steps to use the software and recover your lost data.
Step 1: First, download and install Stellar Mac Data Recovery software on your Mac. Once the software is installed, open it. On the very first screen, select what you want to recover. You can choose specific files or Everything for complete recovery of your files. After making the selection, click Next.
Step 2: On the next screen, select from which drive you want to recover the data and click Scan.
Step 3: The software will start scanning the selected drive. Depending upon the size of the lost data, it will take a few minutes to scan it thoroughly. Once the scan is done, go through all the recovered files and select the ones you want to recover. Lastly, click Recover to get back the lost data on your Mac.
That’s easy it is to recover your lost data due to App Sandbox vulnerability on Mac.
Final Words
App Sandbox vulnerability could have affected millions of Mac users across the world. But all thanks to Microsoft security researchers, who found the bug and reported it to Apple. Now the issue is fixed, and Mac users can safeguard their Mac by installing the released security updates on their Mac. We have explained the steps to check the updates above in the article. Go ahead, follow those steps and protect your Mac from vulnerability. If you have lost data due to App Sandbox vulnerability, we have provided an easy solution: Stellar Mac Data Recovery software to recover the lost data.
