With the help of the program built into macOS, it is possible to hack any Mac computer. This is reported by the publication Bleeping Computer.
The error was discovered by security researcher Park Minchan and partially fixed by Apple. The vulnerability allows you to launch special addresses through emails without the user’s knowledge. This can lead to hacking of the computer.
The Minchan called the error he found a zero-day vulnerability, that is, a problem against which a protective mechanism has not yet been developed. Hackers operating in this way can place links with the .inetloc extension in emails that allow you to open internal bookmarks or network resources using the Finder program. “A vulnerability in macOS Finder allows files with the .inetloc extension to execute arbitrary commands,” the author said.
Such links can be placed unnoticeably in emails. When you click on the link, the command will be executed in the background so that the victim will not notice the attack on his computer.
Apple has already released a patch but has not assigned a CVE identification number to the vulnerability. According to Park Minchin, the company’s engineers have only partially corrected the flaw. Bleeping Computer journalists successfully tested the vulnerability described by Minchan and informed Apple about it, but did not receive a prompt response.
In early autumn, security experts spoke about the possibility of an attack on Windows through a vulnerability in the mechanism of the Internet Explorer browser. Hacking begins with sending MS Office files by mail.