In an effort to fix a vulnerability in the 11th Ventura developer beta, Apple developers accidentally introduced a new one that breaks third-party security products. Essentially, it prevents tools like anti-malware apps and security monitoring tools from scanning the device to detect security threats.
Apple has publicly committed to fixing the issue in its next software update, but this leaves devices vulnerable to cyber attacks until then. A workaround is available to fix the issue in the meantime.
Cybersecurity Apps Suddenly Stopped Working
Shortly after Apple released the latest Ventura update, security providers like Malwarebytes started getting reports from its customers complaining their macOS apps were no longer working correctly.
Some aspects of the problem were starting to seem like macOS bugs, so I reached out to friends at other companies. In no time, I had reports back from multiple people, all reporting exactly the same problems with their own products.
Thomas Reed, Malwarebytes
Security monitoring tools usually need full disk access on a device to properly function. This lets them scan the device’s systems and detect any fraudulent activity and files. Of course, Apple doesn’t want just any software to get access to these systems for your protection. It implements a system of permission requirements so apps can’t just get into your device’s most sensitive parts.
Apple specifically calls this system Transparency, Consent, and Control (TCC) and without explicit user permission, this system won’t let an app access sensitive parts of your device, like your Documents folder. One of these permission requirements is “Full Disk Access”, which got reverted by the flaw introduced in the update.
Source: Malwarebytes
Even though the issue might seem out of the ordinary for Mac users, this is just the latest development in a series of security issues Apple has had with the TCC privacy feature.
Apple’s Attempt to Fix Security Flaws is an Uphill Climb
For the past year, macOS security researcher Csaba Fitzl has worked with Apple to iron out security flaws in the TCC system on macOS. Fitzl found an exploitable vulnerability that easily lets him deactivate or revoke granted permissions. Attackers could use the same vulnerability to infiltrate victims’ devices without needing permission.
Apple tried to fix the issue across multiple updates, but each time Fitzl was able to find a way to get around the new protection features. This resulted in Apple deciding to overhaul the whole design in terms of how it handles permission management for security services. Unfortunately, this also broke existing app permissions for legitimate apps.
According to Fitzl, the update was released with the Ventura beta which, unfortunately, was just two weeks before the public release. This didn’t give developers enough time to test for bugs.
The macOS Ventura 13 Update Workaround Fix
Luckily, researchers found a quick fix to get around the bug introduced by the Ventura update, and it’s easy to implement:
- Open System Preferences
- Head to Security & Privacy
- Open the Privacy tab
- Click on Full Disk Access
- Click the lock icon in the lower-left corner of the screen.
- Enter your system password to allow changes.
- Uncheck the box next to the security apps that are malfunctioning to disable their permission (temporarily).
- Click the lock icon in the lower-left corner again to save your changes.
- Click on the lock icon again to repeat this whole process from step 6 to 8, except this time check the boxes to re-enable app permissions without the flaw.
When Apple eventually fixes this bug in the next OS update, you shouldn’t have to do anything again… unless the new update breaks something else.
Keep Your Mac Safe
Even though Apple takes a number of preventative measures to protect your Mac, at the end of the day it’s still just like any other device. Macs are vulnerable to a host of malware and cyber attacks, and these security issues keep increasing every year.
This update bug also proves how vulnerable even seemingly secure systems really are, as one mistake can impact the security of millions of people. This isn’t an uncommon event either. Earlier, in August 2022, researchers found a simple flaw which broke every layer of macOS security, rendering users completely vulnerable.
These issues highlight how important it is to use multiple layers of security on your devices, applications, and online accounts. This includes activating multi-factor authentication on your accounts, using unique passwords, and using security tools like an anti-malware app and a reputable VPN. This improves your chances of staying protected even when something like this happens.
No device will ever be 100% safe, but you can take precautions to ward off threats and minimize your chances of becoming a victim.
Leave a comment
attia
Posted on 21/01/2023 at 13:57
Cyberghost fonctionne parfaitement sur mon iphone et sur monvieux MacBook 13 Rétina par contre dysfonction sur MacBook M1 sous Ventura 13.1 pas de fenetre d’affichage des pays donc imposssible de parametrer un pays les icones restent muettes pas d’affichage . quand on clique sur l’icone du VPN du menu d’ecran les proposition sont connecter Cyberghost VPNn(IKEV2) et çà se connecte au VPN qui devient actif mais sans possibilité de lire la Localisation…
Donc en attendant les Mise à jour d’apple je n’utilise plus ce VPN sur cet ordinateur. Dois-je Supprimer l’appli Cyberghost sur cet Ordi???
MERCI SI QQ un à la réponse?
Ghostie
Posted on 23/01/2023 at 12:09
Hi Attia, sorry you’re having trouble. Please contact customer support and they will help you with the installer and KeyChain guidance to sort out the issue. You should be able to use CyberGhost normally after that. Please don’t hesitate to contact us if your problems persist.