Reports from cybersecurity firms or major tech media outlets

Microsoft Reveals Critical macOS Vulnerability (CVE-2024-44133) Allowing Data Access

Oct 18, 2024, 06:40 AM

A significant security flaw (CVE-2024-44133) has been discovered in Apple's macOS TCC framework, which could allow hackers to bypass user consent for accessing sensitive data such as location, camera, and microphone. Microsoft revealed that this vulnerability, dubbed HM Surf, also bypasses privacy controls in the Safari browser. Additionally, hackers are now directing users to Terminal to bypass Gatekeeper in macOS Sequoia, enabling the execution of malicious code. A proof-of-concept (PoC) for this flaw has been published, highlighting the severity of the issue.