Skip to main content
  1. Home
  2. Computing
  3. News

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This critical exploit could let hackers bypass your Mac’s defenses

By
Add as a preferred source on Google

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.
Sora Shimazaki / Pexels

If a piece of malware can simply sneak past SIP, though, it can do untold damage — and that’s just what Migraine is capable of.

Recommended Videos

Ordinarily, the only way to disable SIP is to restart your Mac in Recovery mode, enter a specific command into the Terminal, then restart again. That means you need to be present in front of the computer in question, which on the surface should make exploits like Migraine untenable.

However, Migraine doesn’t actually require physical access to the target device, meaning a hacker could activate it remotely and gain unauthorized admission to the most sensitive parts of your Mac.

Instead, Migraine abuses macOS’ built-in Migration Assistant utility, which contains SIP-bypassing capabilities. Microsoft’s researchers found that a person can automate the utility’s migration process with AppleScript, add a malicious payload to the SIP exclusions list, then launch it on the target Mac. All of this could be done without restarting the computer or booting from macOS Recovery mode.

Update your Mac now

Window's new Microsoft Security Experts program works to protect users from cybercrime using.
Windows

Getting past the protections offered up by SIP gives malware writers significant powers to harm your Mac. They could bypass Apple’s Transparency, Consent, and Control (TCC) policies, for example, which would grant them access to your private data. Or they could craft SIP-protected malware that can’t be deleted using normal methods.

That all makes this vulnerability a very high priority to get fixed. Fortunately, Apple and Microsoft have been working hand in hand to do just that. Microsoft alerted Apple as soon as it discovered the vulnerability, and Apple was able to quickly roll out a fix in various updates: macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7, all of which were released on May 18.

It’s not the first time that an exploit has been found that can access extremely important data on your Mac. If anything, Migraine illustrates exactly why you should always keep your Mac up to date and install security fixes as soon as they become available. Doing that should help you stay on top of headache-inducing threats like Migraine.

Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Topics
ChatGPT is recommending scam websites that will steal your credit card info
The chatbot is surfacing fraudulent clones of defunct retail brands, and scammers are deliberately engineering sites to game its recommendations.
ChatGPT running on a laptop.

Scammers have found a new way to reach shoppers: getting ChatGPT to do their marketing for them. According to The Guardian, scam-checking service Ask Silver found that OpenAI's chatbot is recommending fraudulent retail websites built to harvest payment details from unsuspecting buyers. The sites mimic real storefronts and use official-looking URLs, making them difficult to spot without scrutiny.

Defunct brands are a prime target

Read more
McDonald’s new AI drive-thru has to prove it can handle hungry people
After its earlier ordering bot became a punchline, McDonald’s is testing a new system that promises fewer human handoffs.
Architecture, Building, Hotel

McDonald’s is bringing AI back to the drive-thru with a new Google-backed system called ArchIQ, also known as Archy. It’s starting in five locations under the company’s broader “> NEXT” technology push, with a franchisee claiming the system has already handled more than 1 million orders.

The bigger number is the one McDonald’s needs people to trust. About 90% of those orders reportedly needed no human intervention. That sounds promising, but this is not a clean reset. Its earlier IBM-backed AI drive-thru experiment ended after viral mistakes turned automated ordering into a public punchline.

Read more
Logitech’s Mobi Fold is a pocketable folding mouse for folks who despise trackpads
Logitech’s Mobi Fold looks like a tiny productivity taco
Logitech Mobi Fold

Laptop trackpads are fine until you get really busy. Editing a spreadsheet in an airport lounge, juggling tabs in a café, or trying to do proper work on a tiny hotel desk can make you miss the convenience of a mouse. Logitech has the answer to this with the new Mobi Fold, its first ultra-portable foldable mouse.

While a small portable mouse is something people carry, many choose to skip the added bulk, simply choosing to bite the bullet with the trackpad. But the Logitech Mobi Fold can simply fold flat, and can later be unfolded when you need to work. This makes it pretty convenient to carry. Logitech even made the mouse to automatically power on when opened and turn off when folded.

Read more