MacOS LPE via Microsoft Teams installation
Introduction In this blogpost, I describe a vulnerability found in Microsoft Teams installation package. Its root cause is the same as the one I described in NordVPN LPE post. So, I recommend read...
Introduction In this blogpost, I describe a vulnerability found in Microsoft Teams installation package. Its root cause is the same as the one I described in NordVPN LPE post. So, I recommend read...
Long story short Create a GitHub project that adheres to the structure of a macOS application bundle + clone this project with Xcode v15.2 GUI = RCE w/ GateKeeper bypass. Introduction Since c...
TL;DR: Update Xcode to latest version 16.0. If you are still using Xcode 15.4 pay attention on what you clone. Make sure the sources are trusted if you don’t want to let remote attackers exec...
Introduction Distributing macOS applications outside of the App Store is a common practice among software vendors. Nonetheless, it could be quite dangerous letting users download installation pack...