Microsoft finds Powerdir vulnerability in macOS, hackers can exploit personal data – Apple issues patch

Microsoft security researchers have detected a new vulnerability in macOS “powerdir” that allows hackers to circumvent system security components in “powerdir”. transparency, consent, and control, abbreviated TCC, and have access to arbitrary user personal data

TCC technology was first introduced on macOS in 2012. It was designed to prevent apps from accessing a user’s personal data without their consent. This includes restricting access to the camera, microphone, GPS, etc. without permission, so a powerdir with this ability to bypass is very dangerous. May be unwittingly secretly photographed or wiretapped by malicious people

Apple has credited Microsoft for fixing the vulnerability in the macOS Monterey 12.1 security documentation on its website. Reference code is CVE-2021-30970

This suggests that even the most notoriously secure macOS has some vulnerabilities. Therefore, users should not be underestimated. And always check for updates to the latest version of the system.

Source: Microsoft | Apple from Windows Central