Microsoft highlights macOS vulnerability, Apple issues fix

Know the threat, patch the threat.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

Though Windows has its own laundry list of vulnerabilities and security issues, macOS isn’t perfect either. Take, for example, the recent “powerdir” vulnerability that left the door open for attackers to gain access to Mac users' personal data.

Before digging into the nitty-gritty of powerdir, it’s worth noting that Apple’s already patched the vulnerability (and credited Microsoft), so if you haven’t downloaded security updates for a few weeks, you should. You can read the full scoop on macOS updates over atApple’s patch notes.

Now that the issue’s fixed,Microsoft has taken to its blogto publicly dissect powerdir and give those interested in its inner workings a better understanding of the vulnerability. It had the power to “allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology, thereby gaining unauthorized access to a user’s protected data,” according to the blog.

You’re going to need technical knowledge to understand the bulk of Microsoft’s post on the subject, so either be prepared to Google (or, heh, Bing) a lot or come prepared with knowledge of what a hexadecimal blob is.

Microsoft’s post, beyond just explaining the danger, gives useful examples of the threat posed by powerdir. It shows the vulnerability giving an attacker the ability to enable camera and microphone access in any app, including Microsoft Teams. It also addresses the history of TCC dangers and how powerdir is far from the only one.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.