Microsoft discovered the 'Achilles heel' of macOS's security tool

13-inch MacBook Pro with M2 chip
(Image credit: Future)

What you need to know

  • Microsoft discovered a vulnerability in macOS in July 2022 that could be used to bypass the Gatekeeper security mechanism.
  • The vulnerability was disclosed in the same month and was quickly addressed by Apple.
  • Apple shipped an update that addresses the bug for macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 1.7.2 (Big Sur).

Back in July 2022, Microsoft discovered a security vulnerability in macOS. A bug allowed attackers to bypass Apple's Gatekeeper security mechanism, which protects computers by only allowing trusted apps to be installed. The discovered vulnerability, if left unpatched, could allow threat actors to get malware onto systems.

Microsoft dubbed its proof-of-concept that exploited the vulnerability "Achilles" and informed Apple of the issue through Coordinated Vulnerability Disclosure.

Microsoft goes into detail about how the vulnerability was discovered and the implications of such an issue in a recent post. The breakdown is useful for security experts and researchers but is more in-depth than most everyday users need. The main takeaway is that Microsoft discovered the security risk, informed Apple, and Apple fixed the issue quickly.

Latest Videos From

Updates to address the Achilles vulnerability were shipped to macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 1.7.2 (Big Sur) on December 13, 2022 (via Bleeping Computer).

How macOS secures systems

Several security features and layers of protection make it harder for attackers to get malware and other malicious programs onto macOS. When anyone downloads an app through a browser on macOS, be it Safari or another browser, a marker is added to the file. Apple's Gatekeeper and other tools then enforce mitigations and other protections. For example, if Gatekeeper finds an app that is not signed and notarized, it will tell a person that the app cannot be run because it's not trusted.

The system is not perfect, however, as noted by Microsoft:

"Due to its essential role in stopping malware on macOS, Gatekeeper is a helpful and effective security feature. However, considering there have been numerous bypass techniques targeting the security feature in the past, Gatekeeper is not bulletproof. Gaining the ability to bypass Gatekeeper has dire implications as sometimes malware authors leverage those techniques for initial access."

Security vulnerabilities are common, and companies such as Apple and Microsoft combat them frequently. The Achilles bug is noteworthy because Microsoft discovered the issue within macOS.

Sean Endicott
News Writer

Sean Endicott is a News Writer at Windows Central, where he covers Windows 11, Surface hardware, Microsoft 365, AI, apps, and the broader PC ecosystem. Since joining the site in 2017, he has written well over a thousand articles across the Microsoft landscape, covering breaking news, analysis, and feature reporting.

He writes Windows Wrap, a weekly column covering the biggest stories in Windows and the PC industry, and what they mean for the platform going forward.

Before joining Windows Central full-time, Sean worked in journalism and media production after earning a First Class degree in Broadcast Journalism from Nottingham Trent University. Outside of tech, he is an award-winning American football coach based in Nottingham, England, and was named BAFCA Youth Coach of the Year in 2024.