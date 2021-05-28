Apple released new version of its operating systems and shared the security content for macOS Big Sur 11.4.

macOS 11.4

This is the longest page of security fixes I’ve seen from an OS update in a long time. I’ll share a few of the fixes here.

AppleScript

Available for: macOS Big Sur

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved state management.

CVE-2021-30669: Yair Hoffman

Core Services

Available for: macOS Big Sur

Impact: A malicious application may be able to gain root privileges

Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2021-30681: Zhongcheng Li (CK01)

Dock

Available for: macOS Big Sur

Impact: A malicious application may be able to access a user’s call history

Description: An access issue was addressed with improved access restrictions.

CVE-2021-30673: Josh Parnham (@joshparnham)

Kernel