Apple’s Mac computers are considered very secure. Now Microsoft, of all companies, has found a nasty vulnerability in macOS.

Few viruses, extensive protective measures and the advantage of a relatively small market share: Apple’s Mac computers have a reputation for being comparatively secure. Nevertheless, security gaps keep appearing in macOS, some of them dramatic. The latest one has now been discovered by Microsoft. It undermines one of the most important protective measures of the system.

Microsoft’s security team reports this on its blog. According to the post, the group discovered the gap in July of this year. It enables attackers to smuggle malicious software past Gatekeeper, an important security program. Microsoft therefore refers to it as Gatekeeper’s Achilles’ heel, after the Greek legend, and accordingly dubbed the gap “Achilles”.

This is how the attack works

Gatekeeper plays an important role in Apple’s security strategy. The system automatically checks all program files downloaded from the Internet for security. Gatekeeper then sorts them into two categories: either they are known to Apple and rated as safe, or they are treated as a risk. Even with known software, a warning appears before installation. Unknown programs are blocked completely right away and have to be deliberately and laboriously released by users if they really want to run them.

Achilles defeats this process with a clever trick. To decide which programs are checked, macOS marks all downloads with an extra piece of metadata that declares them to be quarantined objects. This marking can be bypassed, as the Microsoft security experts discovered. By specially preparing the files, the marking can be prevented, and Gatekeeper then treats them as files that have already been released. They can then simply be installed past the security system.
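A defender's view of the quarantine mark described above, as an added example that is not from this article or from Microsoft's post: it audits downloaded files of installable types for a missing or malformed mark. The attribute name `com.apple.quarantine`, the semicolon-separated value layout, the suffix watch list and the sample paths are assumptions or constructed values, not taken from the article.

```python
import subprocess
from dataclasses import dataclass
from pathlib import Path

QUARANTINE_ATTR = "com.apple.quarantine"  # assumption: name is not given in the article
RISKY_SUFFIXES = {".app", ".pkg", ".dmg", ".command", ".sh"}  # constructed watch list
# Constructed sample: path -> raw attribute value (None means no mark at all).
SAMPLE = {
    "Downloads/report.pdf": None,
    "Downloads/editor.app": "0083;639f1c00;Safari;1A2B3C4D-0000-0000-0000-000000000000",
    "Downloads/tool.pkg": None,
    "Downloads/broken.dmg": "garbage",
}

@dataclass
class Quarantine:
    flags: int
    timestamp: int  # download time, seconds since the Unix epoch
    agent: str      # program that fetched the file
    event_id: str

def parse_quarantine(value: str) -> Quarantine:
    """Parse the assumed 'hex-flags;hex-time;agent;uuid' layout of the mark."""
    parts = value.strip().split(";")
    if len(parts) < 3:
        raise ValueError(f"unexpected quarantine value: {value!r}")
    event_id = parts[3] if len(parts) > 3 else ""
    return Quarantine(int(parts[0], 16), int(parts[1], 16), parts[2], event_id)

def read_quarantine(path: Path):
    """Read the raw mark with the macOS xattr tool; None if the file has none."""
    proc = subprocess.run(["xattr", "-p", QUARANTINE_ATTR, str(path)],
                          capture_output=True, text=True)
    return proc.stdout.strip() if proc.returncode == 0 else None

def audit(paths, reader=read_quarantine):
    """Return (path, reason) for installable files without a parseable mark."""
    findings = []
    for path in map(Path, paths):
        if path.suffix.lower() not in RISKY_SUFFIXES:
            continue  # documents and media are out of scope for this check
        raw = reader(path)
        try:
            if raw is None:
                raise ValueError("attribute missing")
            parse_quarantine(raw)
        except ValueError as err:
            findings.append((str(path), str(err)))
    return findings
```

Files built or copied locally legitimately carry no mark, so a finding is a lead for review rather than proof of tampering.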

Mac vulnerability: what users need to do

There is a simple reason why Microsoft is publishing the gap now: Apple has closed it with the latest updates for macOS. If you install the latest versions of the last three major Apple systems, Ventura (macOS 13), Monterey (macOS 12.6.2) or Big Sur (macOS 11.7.2), the gap is automatically closed. This means that Mac computers dating back to 2014 are protected; unfortunately, older computers no longer receive updates.

Praise from competitors

The fact that Microsoft discovered a security gap in a competitor’s system is less unusual than one might think. The major operating system manufacturers constantly check each other’s systems for security gaps, and Google’s hacker teams are also very successful at it. The logic is understandable: if you find gaps before criminals do and warn each other, the network itself and the shared customers become more secure. And all companies benefit from the increased trust.

Source: Microsoft blog