PT-2022-7701 · Apple · Apple Macos
Jonathan Bar Or · Published 2022-07-27 · Updated 2025-04-21
CVE-2022-42821
CVSS v3.1: 5.5 (Medium) · Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 11.7.2
macOS versions prior to 12.6.2
macOS versions prior to 13
Description
A logic issue that allowed an app to bypass Gatekeeper checks was addressed with improved checks. Gatekeeper automatically checks applications downloaded from the internet for a developer signature approved by Apple and asks the user for confirmation before running them; it is triggered by the com.apple.quarantine extended attribute that browsers and other downloaders set on the files they save. The vulnerability, named Achilles, lets a specially crafted payload exploit this logic flaw by setting restrictive access control list (ACL) permissions that prevent web browsers and downloaders from setting the com.apple.quarantine attribute on downloaded ZIP files. Because the attribute is never set, a malicious application can be deployed on the target device without being blocked by Gatekeeper.
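The description turns on two file-level facts that a responder can check: whether a downloaded archive carries the com.apple.quarantine attribute, and whether an ACL on it denies writing extended attributes. As an added illustration (example code written for this page, not from the advisory, Apple, or the researcher), the following Python script parses `ls -le@` output and flags files where either condition holds. The sample output, the file names and the exact line layout are constructed assumptions based on the ls(1) man page, not data from the advisory.

```python
import re
from dataclasses import dataclass, field

# Constructed sample of `ls -le@` output (hypothetical files; the line layout
# follows the macOS ls(1) man page and is an assumption of this example, not
# output taken from the advisory). report.zip carries the quarantine attribute
# as a browser download should. invoice.zip has no quarantine attribute and an
# ACL entry that denies extended-attribute writes, the condition the advisory
# describes.
SAMPLE_LS_OUTPUT = """\
-rw-r--r--@ 1 alice  staff  48213 Jul 27 10:02 report.zip
\tcom.apple.quarantine\t  57 
-rw-r--r--@ 1 alice  staff  51200 Jul 27 10:05 invoice.zip
\tcom.apple.metadata:kMDItemWhereFroms\t 212 
 0: group:everyone deny writeattr,writeextattr
"""

# A long-format line starts with the type/mode field, optionally suffixed
# with '@' (file has xattrs) or '+' (file has an ACL).
MODE_RE = re.compile(r"^[-dlbcps][rwxsStT-]{9}[@+]?\s")
# ACL entries printed by `ls -e`: " 0: group:everyone deny writeattr,writeextattr"
ACL_RE = re.compile(r"^\s*\d+:\s+(?P<who>\S+)\s+(?P<kind>allow|deny)\s+(?P<perms>\S+)")

QUARANTINE_XATTR = "com.apple.quarantine"
# Rights whose denial stops a downloader from writing the quarantine xattr.
XATTR_WRITE_RIGHTS = {"writeattr", "writeextattr"}


@dataclass
class Entry:
    name: str
    xattrs: set = field(default_factory=set)
    acl: list = field(default_factory=list)  # (who, allow|deny, {right, ...})


def parse_ls_le(text):
    """Group `ls -le@` lines into one Entry per file."""
    entries = []
    current = None
    for line in text.splitlines():
        if MODE_RE.match(line):
            # Fields: mode, links, owner, group, size, month, day, time, name
            current = Entry(line.split(None, 8)[8])
            entries.append(current)
        elif current is None:
            continue
        elif line.startswith("\t"):
            # xattr lines are tab-indented: "<name>\t<size> "
            current.xattrs.add(line.strip().split("\t")[0].strip())
        else:
            m = ACL_RE.match(line)
            if m:
                current.acl.append((m["who"], m["kind"], set(m["perms"].split(","))))
    return entries


def assess(entry):
    """Return finding codes for one file; an empty list means nothing unusual."""
    findings = []
    if QUARANTINE_XATTR not in entry.xattrs:
        # Without the attribute Gatekeeper never evaluates the file.
        findings.append("no-quarantine-xattr")
    for _who, kind, rights in entry.acl:
        if kind == "deny" and rights & XATTR_WRITE_RIGHTS:
            # A deny entry on these rights blocks setting the quarantine xattr.
            findings.append("acl-denies-xattr-write")
            break
    return findings


def triage(text):
    """Map each file name in `ls -le@` output to its list of findings."""
    return {e.name: assess(e) for e in parse_ls_le(text)}


if __name__ == "__main__":
    for name, findings in triage(SAMPLE_LS_OUTPUT).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

On a Mac the same `triage` function can be fed the real output of `ls -le@` for a downloads folder; a file that reports `no-quarantine-xattr` together with `acl-denies-xattr-write` is worth a closer look, since an ordinary browser download has the attribute and no deny ACL. Patching to the fixed macOS versions listed below remains the actual remediation; the script only helps spot files that arrived before the update.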
Recommendations
For macOS versions prior to 11.7.2, update to macOS 11.7.2 or later.
For macOS versions prior to 12.6.2, update to macOS 12.6.2 or later.
For macOS versions prior to 13, update to macOS 13 or later.
Fix
Improper Access Control
Protection Mechanism Failure
Affected Products
Apple Macos