Microsoft Details macOS Bug That Could Let Attackers Gain Access to User Data



Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple’s macOS operating system that could be weaponized by a threat actor to expose users’ personal information.

Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control (TCC) security framework, which enables users to configure the privacy settings of their apps and provide access to protected files and app data. The Security & Privacy pane in the macOS System Preferences app serves as the front end of TCC.

Read more…