August 7, 2024 at 02:30AM
Apple has announced updates to its macOS, making it more challenging for users to override Gatekeeper protections. These changes are part of the upcoming macOS Sequoia, tightening user approval mechanisms to prevent unauthorized software from running, countering malware and backdoors targeting macOS. This move aims to enhance security and protect users from potential threats.
The meeting notes reveal that Apple has introduced an update to macOS Sequoia, tightening the user approval mechanism for opening software that isn’t signed correctly or notarized. Users will no longer be able to Control-click to override Gatekeeper and will need to visit System Settings > Privacy & Security to review security information for software before allowing it to run. This change is aimed at countering stealer malware and backdoors targeting macOS, particularly those that are often unsigned and trick users into bypassing Gatekeeper protections. Additionally, an example from July 2023 is provided, where North Korean threat actors propagated an unsigned disk image (DMG) file impersonating a legitimate video call service named MiroTalk, and unleashed its malicious behavior after a victim control-clicked and selected “Open”.