Ronhass7

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Monterey 12.2 macOS versions prior to Big Sur 11.6.3 macOS Catalina versions prior to Security Update 2022-001 **Description** A permissions issue was addressed with improved validation, allowing an application to potentially access restricted files. This issue relates to bypassing macOS System Integrity Protection (SIP). **Recommendations** For macOS Catalina, apply Security Update 2022-001 to resolve the issue. For macOS Big Sur, update to version 11.6.3 or later to resolve the issue. For macOS Monterey, update to version 12.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.4 **Description** The issue is related to a sandboxed process that may be able to circumvent sandbox restrictions. This is due to insufficient access control when handling XPC messages in the LaunchServices service of Mac OS. Exploitation of this issue may allow an attacker to bypass security restrictions and escalate their privileges. The issue was addressed with improved environment sanitization. **Recommendations** For versions prior to 12.4, update to macOS Monterey 12.4 to fix the issue. As a temporary workaround, consider restricting access to the LaunchServices to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.0.1 macOS Big Sur versions prior to 11.6.6 **Description** A logic issue was addressed with improved state management. This issue allows a sandboxed process to potentially circumvent sandbox restrictions. The vulnerability was discovered while studying methods of launching and detecting malicious macros in Office documents on macOS. Researchers found that using Launch Services to run a command with a specific prefix allows escaping the app sandbox in macOS. **Recommendations** For macOS versions prior to 12.0.1, update to macOS Monterey 12.0.1 or later to fix the issue. For macOS Big Sur versions prior to 11.6.6, update to macOS Big Sur 11.6.6 or later to fix the issue. As a temporary workaround, consider restricting the use of Launch Services and the `open` command with the `--stdin` option to minimize the risk of exploitation. Avoid using malicious macros in Office documents until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Big Sur 11.5 Security Update versions prior to 2021-004 Catalina Security Update versions prior to 2021-005 Mojave **Description** An access issue was addressed with improved access restrictions. A sandboxed process may be able to circumvent sandbox restrictions. **Recommendations** For macOS versions prior to Big Sur 11.5, update to macOS Big Sur 11.5. For Security Update versions prior to 2021-004 Catalina, apply Security Update 2021-004 Catalina. For Security Update versions prior to 2021-005 Mojave, apply Security Update 2021-005 Mojave.