data breaches
New macOS Vulnerability “HM Surf” Exploits Safari’s Security to Access Sensitive Data
A critical new threat dubbed “HM Surf” has emerged, targeting macOS devices through a mobile device management (MDM) setup. This sophisticated hack allows attackers to bypass Safari’s Transparency, Consent, and Control (TCC) protections, potentially granting unauthorized access to sensitive data, including browsing history, camera, microphone, and location—all without user awareness.
The vulnerability poses a significant risk to enterprise users rather than individual consumers. By exploiting flaws in Safari’s TCC protections, HM Surf enables attackers to obtain protected data that the browser should not be able to access. The attack compromises data security by circumventing macOS’s built-in privacy controls, making it a concerning development for organizations relying on Apple’s devices for secure operations.
Microsoft, which uncovered the flaw, promptly informed Apple, leading to the release of a patch identified as CVE-2024-44133. Apple included the fix in macOS Sequoia security updates on September 16, 2024. The updates address the exploit by strengthening the TCC protections in Safari, preventing unauthorized data access.
Experts strongly advise all macOS users, especially enterprise customers utilizing MDM configurations, to update their systems immediately to the latest version of macOS Sequoia. Ensuring devices are running the most recent security patches is essential to mitigate the risk of this exploit and protect sensitive data from potential breaches.
The emergence of HM Surf underscores the evolving threat landscape targeting macOS and the need for vigilant security practices within enterprises. As attackers continue to innovate, timely updates and proactive monitoring are crucial to maintaining the integrity and security of digital environments.