When in Doubt, Run the Update: Lessons Learned from the Gatekeeper Flaw
Edward Maurer
Director of Security
We all get them, the dreaded pop ups telling you to update the software or the operating system on your desktop, laptop, smart phone, or tablet. It’s tempting to just hit “remind me later” so you can keep working on that pressing project. It can wait right?
Think again.
While they may seem intrusive, these updates not only include improvements to functionality, but often contain critical security patches that can protect you and your business from attacks.
One of the most recent examples of this is the MacOS Gatekeeper update. Apple uses a security feature called Gatekeeper which acts as a checkpoint for applications, verifying and notarizing them in order to help keep malware off Mac devices, and flagging the user with a warning if anything looks suspicious.
In March 2021, a flaw was discovered that allowed attackers to bypass Gatekeeper and run malicious applications containing malware. Once Apple became aware of the problem, an update was issued to fix it which included a new version of Big Sur (11.3) and an update to its X Protect system to detect any potentially malicious software attempting to get around the Gatekeeper.
If you are a Mac user and have not yet installed these updates, we suggest you do so as soon as possible to ensure you and your company are protected.
And the next time you see that annoying update pop-up, resist the temptation to dismiss it.
If you have any questions about security updates, or would like to learn more about how AaDya can help you keep safe from threats, please reach out to us directly at inquiries@aadyasecurity.com.