macOS HM Surf vuln might already be under exploit by major malware family

Like keeping your camera and microphone private? Patch up


In revealing details about a vulnerability that threatens the privacy of Apple fans, Microsoft urges all macOS users to update their systems.

The bug, tracked as CVE-2024-44133 (CVSS 5.5) and patched in September's macOS Sequoia updates, is believed to be potentially exploited by the Adloader macOS malware family, Microsoft's Jonathan Bar Or said.

A successful exploit could potentially allow an attacker to take photos using a device's camera, record audio from its microphone, disclose the user's location, and more.

The vulnerability targets Apple's Transparency, Consent, and Control (TCC) protections, which Microsoft will be acutely aware of given eight of its own macOS apps had TCC-based holes uncovered in August.

Bar Or said the issue is localized to Safari and that no other third-party browsers are vulnerable, although the Windows giant is working with them to secure the core issue at play – local configuration files.

TCC's role in macOS is to ensure users have control over apps' requests for access to various features, displaying prompts and asking whether to approve/deny them.

The feature is driven by what Apple calls "entitlements." Some apps have access to more powerful entitlements than others, Safari being one of them. For example, if an app wants access to a device's microphone, the developers enable the entitlement that prompts a user to accept that access request. Once approved/denied, the setting should remain that way until the user changes it.

Safari has an entitlement that allows it to bypass all TCC protections, and if a user approves it, the app would have free access to all the components that could threaten privacy, as well as things like the device's address book.

Bar Or developed an exploit for the vulnerability that involved modifying the config files in the Safari browser directory, where its TCC-related files are kept.

Using the Directory Service command line utility (dscl), Bar Or was able to change a user's home directory, modify sensitive files in a way that removed TCC protections, change the home directory again so Safari uses those modified files, and then run Safari so they could take snaps, record audio, see download histories, and more.

He also noted that a bad guy could feasibly start Safari in a tiny window so as not to arouse suspicion, all while uploading the data they were after to a server of their choice.

After developing the exploit, which it called "HM Surf," Microsoft worked up and deployed new detection strategies, and the resulting intel from these revealed some suspicious activity that Microsoft claimed bore a hallmark of Adloader.
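The detection angle described above can be illustrated with a small correlation rule. The following Python is an added example written for this article, not Microsoft's or Defender's code: it walks a stream of constructed endpoint events and looks for the sequence the article lays out (home directory changed, Safari's configuration written by something other than Safari, home directory changed again, Safari launched). The event schema, the `SAFARI_DIR` constant, the `example.plist` filename and the timestamps are all assumptions made for the example; a real sensor would feed its own records into `correlate()`.

```python
"""Correlate constructed endpoint events for the HM Surf-style attack chain."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Event:
    ts: int       # seconds (constructed timestamps)
    kind: str     # "home_change" | "file_write" | "process_exec"
    user: str     # account the event concerns
    proc: str     # process that generated the event
    detail: str   # new home path, written file path, or executed binary


# Assumption: per-user Safari data lives under ~/Library/Safari. Both constants
# are hypothetical for this example; adjust them to what your sensor reports.
SAFARI_DIR = "/Library/Safari/"
SAFARI_PROC = "Safari"


def safari_config_write(ev: Event) -> bool:
    """True if the event writes into a Safari data directory."""
    return ev.kind == "file_write" and SAFARI_DIR in ev.detail


def correlate(events: List[Event], window: int = 600) -> List[dict]:
    """Track each user's progress through the chain, in time order:
       1) home directory changed   2) Safari config written
       3) home directory changed again   4) Safari launched  -> HIGH alert.
    A non-Safari process writing Safari's config raises a MEDIUM alert by itself.
    Stages older than `window` seconds are discarded to limit false positives."""
    alerts: List[dict] = []
    state: Dict[str, dict] = {}   # user -> {"stage", "start", "evidence"}

    for ev in sorted(events, key=lambda e: e.ts):
        st = state.get(ev.user)
        if st and ev.ts - st["start"] > window:      # chain too slow: forget it
            state.pop(ev.user)
            st = None

        if safari_config_write(ev) and ev.proc != SAFARI_PROC:
            alerts.append({"severity": "medium", "user": ev.user, "ts": ev.ts,
                           "reason": f"{ev.proc} wrote {ev.detail}"})

        if ev.kind == "home_change":
            if st is None or st["stage"] == 1:        # (re)start the chain
                state[ev.user] = {"stage": 1, "start": ev.ts, "evidence": [ev]}
            elif st["stage"] == 2:                    # home dir swapped back
                st["stage"] = 3
                st["evidence"].append(ev)
        elif safari_config_write(ev) and st and st["stage"] == 1:
            st["stage"] = 2
            st["evidence"].append(ev)
        elif (ev.kind == "process_exec" and ev.detail.endswith(SAFARI_PROC)
              and st and st["stage"] == 3):
            st["evidence"].append(ev)
            alerts.append({"severity": "high", "user": ev.user, "ts": ev.ts,
                           "reason": "home dir swapped around a Safari config "
                                     "write, then Safari launched",
                           "evidence": [(e.ts, e.kind, e.proc, e.detail)
                                        for e in st["evidence"]]})
            state.pop(ev.user)
    return alerts


# Constructed sample: alice shows the full chain, bob shows benign activity
# (Safari updating its own data; an admin moving a home directory with no follow-up).
SAMPLE_EVENTS = [
    Event(100, "home_change", "alice", "dscl", "/private/tmp/fakehome"),
    Event(105, "file_write", "alice", "bash", "/Users/alice/Library/Safari/example.plist"),
    Event(110, "home_change", "alice", "dscl", "/Users/alice"),
    Event(120, "process_exec", "alice", "launchd",
          "/Applications/Safari.app/Contents/MacOS/Safari"),
    Event(200, "file_write", "bob", "Safari", "/Users/bob/Library/Safari/example.plist"),
    Event(300, "home_change", "bob", "dscl", "/Volumes/Data/bob"),
]


def run_sample() -> List[dict]:
    """Run the rule over the constructed events (one medium and one high alert for alice)."""
    return correlate(SAMPLE_EVENTS)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The medium-severity rule on its own is the cheap signal the article attributes to Defender (something other than Safari touching Safari's directory); the staged rule adds the home-directory swap as context so that a lone `dscl` change by an administrator does not page anyone.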

"Since we weren't able to observe the steps taken leading to the activity, we can't fully determine if the Adload campaign is exploiting the HM Surf vulnerability itself," Bar Or blogged.

"Attackers using a similar method to deploy a prevalent threat raises the importance of having protection against attacks using this technique."

Apple didn't immediately respond to our request for comment. However, if it did, it would probably say – like Bar Or did – that it launched new APIs for App Group Containers so Apple's System Integrity Policy (SIP) can prevent config files from being modified by an attacker, in turn resolving the vulnerability class.

As for how the other browsers are getting on, Firefox has yet to adopt the APIs and the same goes for Chromium, although it's working to adopt os_crypt, which solves the core issue but in a different way. Microsoft's approach was to ensure Defender detects suspicious modifications to Safari's directory. ®
