Has Gatekeeper been bypassed? Disclosed details of what is claimed to be a new vulnerability may not be all that they appear to be.
App signatures are only checked on app first run – it may once have been true, but is no longer accurate. But can you bypass those additional checks? Is this a vulnerability?
Ready to download updates to macOS, iOS, watchOS, Xcode, and some security updates, all at once? It looks like we’re going to be busy next week.
Do you use digital signatures in PDF documents, or do you trust your PDF reader to check them? You could be spoofed into trusting forgeries.
Can you get malware in PDF? How far can you trust a PDF, or could it be a forgery? How to sign PDFs, and what data may remain hidden inside them.
Another worthless piece of “security theatre” about bundle signatures. I wouldn’t bother reading it, or downloading the new version of Signet.
Which of the three vulnerabilities in privacy protection has been fixed in 10.14.1? Is it good protection now?
It is easy to browse images and other documents in the QuickLook cache in High Sierra and earlier, but Apple has not blocked this – details here.
All versions of Safari, including shiny new 12, and macOS, including Mojave, appear vulnerable to exploits in old versions of Adobe Flash Player, because XProtect hasn’t been updated.
Over the last year, I have come across many Macs which have been left with serious vulnerabilities. Here are four common ones, and how to put them right.