The Dangers of Cracking Tools
Csaba Fitzl

7 min read

This blog article highlights one particular risk that arises from using various tools to crack software: introducing vulnerabilities into the user's own environment. This article provides a general overview, examines past cases, and dives into an actual local privilege escalation vulnerability we uncovered in a macOS software cracker.

Threat Intelligence
Finding Vulnerabilities in Apple Packages at Scale
Csaba Fitzl

15 min read

Threat Intelligence
Uncovering Apple Vulnerabilities: diskarbitrationd and storagekitd Audit Part 3
Csaba Fitzl

10 min read

Threat Intelligence

Uncovering Apple Vulnerabilities: diskarbitrationd and storagekitd Audit Part 2
Csaba Fitzl

18 min read

Iru's Threat Research team recently performed an audit on the macOS diskarbitrationd and storagekitd system daemons, uncovering several vulnerabilities. Our team reported all of them to Apple through their responsible disclosure program, and as these are fixed now, we are releasing the details in this blog series - this is part two.

Threat Intelligence
Uncovering Apple Vulnerabilities: The diskarbitrationd and storagekitd Audit Story Part 1
Csaba Fitzl

20 min read

The Iru team is always looking out for how to help keep your devices secure. In line with that, our Threat Research team performed an audit on the macOS diskarbitrationd and storagekitd system daemons, uncovering several vulnerabilities such as sandbox escapes, local privilege escalations, and TCC bypasses. Our team reported all of them to Apple through their responsible disclosure program, and as these are fixed now, we are releasing the details.

Threat Intelligence
Dock Tile Plugins Could Be Used to Escalate Privileges
Csaba Fitzl

4 min read

I recently came across a persistence feature in macOS that's tied to Dock tile plugins.

Threat Intelligence
How Malware Can Bypass Transparency Consent and Control (CVE-2023-40424)
Csaba Fitzl

9 min read

CVE-2023-40424 is a vulnerability that allows a root-level user to create a new user with a custom Transparency Consent and Control (TCC) database in macOS, which can then be used to access other users’ private data.

Threat Intelligence
How Apple Mitigates Vulnerabilities in Installer Scripts
Csaba Fitzl

14 min read

Vulnerabilities are hot topics inside the world of security research and—because of their potentially dramatic impacts—outside as well. Unfortunately, the strategies and tactics that companies like Apple take to prevent specific vulnerabilities—or even entire families of exploits—typically attract less attention. But the fact is that engineering high-impact mitigations is typically more challenging than finding a single vulnerability.

Threat Intelligence
