Apple Addresses TCC Bypass Vulnerability in iOS and macOS
/ 1 min read
🔒✨ Apple patches critical TCC bypass vulnerability in iOS and macOS. A newly discovered security flaw, tracked as CVE-2024-44131, could allow malicious apps to bypass Apple’s Transparency, Consent, and Control (TCC) framework, potentially granting unauthorized access to sensitive user data without alerting them. The vulnerability, which affects the FileProvider component, has been addressed in recent updates for iOS 18, iPadOS 18, and macOS Sequoia 15. Jamf Threat Labs, which reported the issue, highlighted that the exploit could enable rogue applications to intercept file operations and exfiltrate data from iCloud backups. Apple has also patched several other vulnerabilities, including issues in WebKit and Safari, to enhance overall device security.
