Mobile device management company Jamf today revealed a security issue that allows privacy preferences to be bypassed, providing attackers with full access, screen recording, and other permissions without user consent.
The vulnerability was discovered by Jamf while analyzing XCSSET malware. XCSSET malware has been rampant since 2020, but Jamf noticed a recent increase in activity and discovered a new variant.
Once installed on the victim’s system, the malware is specifically used to take screenshots of the user’s desktop and does not require additional permissions. Jamf says it can also be used to bypass other permissions, as long as the malware’s donor application has the permission enabled.
Jamf gave a complete explanation of the working principle of vulnerability. The company said that Apple resolved the vulnerability in macOS Big Sur 11.4. Apple confirmed to TechCrunch that the fix was indeed enabled in macOS 11.4, so Mac users should update as soon as possible.