Presented at
Objective by the Sea version 4.0 (2021),
Sept. 30, 2021, 11:35 a.m.
(25 minutes).
The safety and trust promised by the App Store is in large part due to mandatory sandboxing requirements. The required App Sandbox lets users install apps with abandon and without worry, keeping malicious ones contained. This talk will deep dive into CVE-2021-30677, a logic vulnerability in LaunchServices that allowed an attacker to escape the App Sandbox and bypass privacy protections despite the many new security mechanisms introduced in Big Sur and Catalina.
You'll learn how one deceptively simple issue can be exploited in multiple ways and hopefully have a laugh at the same time. We'll release a tool to help reverse the latest versions of macOS and extend an already great tool to help find & detect vulnerabilities like this one. Finally, we'll lay the groundwork for bugs to come and highlight an obvious but forgotten attack surface.
Presenters:
-
Ron Waisberg
- Product Security at Okta
Ron does product security at Okta during the day and tinkers with platform security at night. In his previous role at Trend Micro, you could find him tearing apart patches and writing n-day exploits. To forget about computers he likes to climb, hike, and enjoy a nice beer.
Links:
Similar Presentations: