If you use a Mac, update macOS now! Apple has just corrected a major security flaw nicknamed Achille, discovered a few months ago by… Microsoft!
Mac users have long prided themselves on having the most secure computers in the world, believing themselves to be safe from viruses and attacks. Alas, history has repeatedly proven that this belief was unfounded. And if macOS was indeed less targeted by hackers, who prefer to target Windows because of the number of potential victims, Apple’s operating system (OS) is not perfectly sealed. The firm at the apple also regularly publishes updates to its OS for computers and mobiles in order to fix bugs and close security vulnerabilities. It has just done so again on December 13 during updates to several versions of macOS (Ventura, Big Sur and Monterey), following the discovery of a critical vulnerability. The “amusing” detail is that the said flaw was detected several months ago by Microsoft, Apple’s former sworn enemy! Proof that times are changing, in a good way.
Achille: an old security flaw finally corrected
It was Jonhatan Bar Or, security researcher at Microsoft, who launched the alert at the end of July 2022, when he discovered a flaw identified under the reference VCE-2022-42821 and nicknamed Achilles or Achilles – no doubt by allusion to the famous heel. As Microsoft explains at length without his blog post, the flaw allowed bypassing the Gatekeeper protection system integrated into macOS. Without going into these overly technical considerations, this device makes it possible to guarantee that only trusted software runs, by relying on verification and locking techniques. Unfortunately, the Achilles flaw, whose origin dates back to A/UX, the version of the Unix operating system that served as the basis for macOS. By exploiting it, hackers could bypass the Gatekeeper device to create files with dangerous permissions. In its blog post, Microsoft explains that “Apple’s Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users who could be personally targeted by a sophisticated cyberattack, aims to stop clickless remote code execution exploits This is the reason why she couldn’t defend against Achilles. All users should apply this fix.”
Fortunately, and thanks to Microsoft, the Achilles fault has been corrected and there is nothing more to fear on this side. You just have to make sure you have the latest versions of three versions of macOS: macOS 13.1 Ventura, macOS 1.7.2 Big Sur or macOS 12.6.2 Monterey. To check it, nothing could be simpler: you have to click on the apple menu then on About This Mac : the macOS name and version number are displayed in clear text in the window that appears. If so, click on the button Software update… to download and install the latest version of the system.