Microsoft finds macOS bug that lets hackers bypass SIP root restrictions
Apple has recently addressed a vulnerability, dubbed Migraine and tracked as CVE-2023-32369, that allows attackers with root privileges to bypass System Integrity Protection (SIP) and install "undeletable" malware while accessing the victim's private data by circumventing Transparency, Consent, and Control (TCC) security checks. The flaw was discovered and reported by a team of Microsoft security researchers. Apple has patched the vulnerability in security updates for macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7. The researchers found that attackers with root permissions could bypass SIP security enforcement by abusing the macOS Migration Assistant utility. Bypassing SIP protection also enables a complete bypass of TCC policies, allowing threat actors to replace TCC databases and gain unrestricted access to the victim's private data. CVEs: CVE-2023-32369 [View Article](https://www.bleepingcomputer.com/news/security/microsoft-finds-macos-bug-that-lets-hackers-bypass-sip-root-restrictions/)