Apple thanks Positive Technologies for discovering a vulnerability in its Shortcuts app - Middle East Business News and Information
The vulnerability, tracked as BDU:2025-02497 and rated 8.6 out of 10 on the CVSS 3.0 scale, affects Shortcuts 7.0 (2607.1.3). The vendor was notified of the threat in line with the responsible disclosure policy and has already released a software patch . Users are advised to upgrade to macOS Sequoia 15.5 or later. If updating the OS is currently not possible, Positive Technologies recommends users to pay close attention to the downloaded shortcuts before running them or avoid using them altogether.
The Shortcuts app was introduced with macOS Monterey back in 2021 and has been supported in macOS Ventura, Sonoma, and Sequoia versions over the past four years. With the app, users can create shortcuts to automate various tasks, such as starting a timer, playing music, or converting text to audio. Users also have access to macros that provide ready-made shortcuts. A threat actor could leverage this functionality by uploading infected templates to the library. For the security flaw to be exploited, it would be enough for the victim to inadvertently run a malicious macro on their device.
'An attacker could exploit this vulnerability to target any Shortcuts user,' said Egor Filatov, Junior Mobile Application Security Researcher at Positive Technologies. 'Before remediation, the vulnerability allowed an attacker to bypass macOS security mechanisms and execute arbitrary code on the victim's system.'
According to the expert, the potential consequences of successful attacks include the following: Theft of confidential data or deletion of valuable information
Malware execution
Installation of backdoors aimed at maintaining access to the system even after vulnerability patching
Ransomware infection
Disruption to the organization's business processes (if a corporate device is compromised)
Positive Technologies experts have been studying Apple products for over a decade. In 2018, Maxim Goryachy and Mark Ermolov, while looking for security flaws in Intel Management Engine, found a firmware vulnerability ( CVE-2018-4251 ) affecting personal computers made by Apple and other manufacturers. In 2017, Timur Yunusov warned the community about multiple security gaps he discovered in Apple Pay: by exploiting the vulnerabilities, attackers could compromise users' bank cards and make unauthorized payments on external resources. Before that, another Positive Technologies researcher found and helped eliminate a critical vulnerability in the apple.com website, which could allow an adversary to conduct a directory traversal attack and gain access to private data.
In addition to the macOS version of Shortcuts, there is also an iOS version of the app for mobile devices. To prevent threat actors from infiltrating the corporate network via vulnerable mobile apps, companies should protect their apps against reverse engineering. This can be done with solutions such as PT MAZE , which turns the application into an impenetrable maze, making attacks too resource-intensive for adversaries. Positive Technologies is an industry leader in result-driven cybersecurity and a major global provider of information security solutions. Our mission is to safeguard businesses and entire industries against cyberattacks and non-tolerable damage. Positive Technologies is the first and only cybersecurity company in Russia on the Moscow Exchange (MOEX: POSI), with 220,000 shareholders and counting. Follow us on X , LinkedIn , and in the News section at global.ptsecurity.com.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Egypt Independent
5 days ago
- Egypt Independent
Elon Musk threatens to sue Apple over app store ranking of his AI app
Elon Musk said his artificial intelligence start up xAI will sue Apple for allegedly favoring AI competitors in its App Store in what he called a breach of antitrust regulations. In a series of posts on X on Monday, a social media platform he owns, he accused Apple of only allowing xAI rival OpenAI's ChatGPT to claim the top spot in its rankings for mobile applications, and said his AI company would take 'immediate legal action.' 'Apple is behaving in a manner that makes it impossible for any AI company besides OpenAI to reach #1 in the App Store, which is an unequivocal antitrust violation,' he wrote. Grok, xAI's AI model, currently ranks 6th in the App Store's 'Top Free Apps' section for iPhones in the United States, while ChatGPT tops the list. 'Hey @Apple App Store, why do you refuse to put either X or Grok in your 'Must Have' section when X is the #1 news app in the world…Are you playing politics? What gives?' he wrote in a pinned post. CNN has reached out to xAI, Apple and OpenAI for comment. 'Apple's App Store curation appears biased, favoring established AI like ChatGPT (overall) over innovative challengers,' Grok wrote in a post on X, which was reposted by Musk. 'Editorial picks may reflect caution toward xAI's unfiltered style, but this stifles competition. Truth matters more than politics,' it wrote. Neither Grok nor Musk provided evidence to their claims. Grok by xAI, ChatGPT and Deepseek app icons seen in an iPhone screen. David Talukdar/Shutterstock In June 2024, Apple partnered with OpenAI to integrate ChatGPT services into its devices. In response, Musk threatened to ban Apple devices at his companies, including X, Tesla and SpaceX. It was unclear if he ultimately followed through. This is not the first time Apple's App Store operations has faced legal challenges. In April, a federal judge in California ruled the iPhone maker had violated a court order to reform its App Store for greater competition in app downloads and payment methods. The order stemmed from a high-profile antitrust suit in 2021 filed by the maker of the hit video game Fortnite, Epic Games, over Apple's monopoly on the distribution of IOS apps. The court then found Apple violated a California competition law and ordered the company to allow developers more freedom to direct users to alternative payment options. In a separate case in April, the European Commission fined Apple €500million ($570 million) for breaching a digital competition law by restricting app developers from steering users toward cheaper options outside the App Store. Last month, Apple appealed the fine to an European court.
See - Sada Elbalad
5 days ago
- See - Sada Elbalad
Musk Plans Legal Action Against Apple over App Store Practices
Israa Farhan Billionaire entrepreneur Elon Musk has announced plans to sue Apple, accusing the tech giant of breaching antitrust regulations in the way it manages app rankings on its App Store. Musk stated that his artificial intelligence start-up, xAI, intends to take legal measures against Apple, claiming the company's policies make it impossible for AI competitors to overtake OpenAI in the app rankings. At present, OpenAI's ChatGPT holds the top position in the United States iPhone App Store under the category of top free applications. Musk's own AI app, Grok, is ranked fifth, while Google's Gemini chatbot sits at number 57. ChatGPT also leads the rankings on Google Play, according to analytics from Sensor Tower. Apple has a partnership with OpenAI that integrates ChatGPT into its devices, a move that has further strengthened the chatbot's market dominance. Neither Apple, OpenAI, nor xAI have issued an official response to the allegations. Musk's forthcoming lawsuit is expected to put renewed focus on competition within the artificial intelligence sector and the role of major tech platforms in shaping the visibility and success of emerging AI tools. read more Gold prices rise, 21 Karat at EGP 3685 NATO's Role in Israeli-Palestinian Conflict US Expresses 'Strong Opposition' to New Turkish Military Operation in Syria Shoukry Meets Director-General of FAO Lavrov: confrontation bet. nuclear powers must be avoided News Iran Summons French Ambassador over Foreign Minister Remarks News Aboul Gheit Condemns Israeli Escalation in West Bank News Greek PM: Athens Plays Key Role in Improving Energy Security in Region News One Person Injured in Explosion at Ukrainian Embassy in Madrid Videos & Features Story behind Trending Jessica Radcliffe Death Video News Israeli-Linked Hadassah Clinic in Moscow Treats Wounded Iranian IRGC Fighters Arts & Culture "Jurassic World Rebirth" Gets Streaming Date News China Launches Largest Ever Aircraft Carrier News Ayat Khaddoura's Final Video Captures Bombardment of Beit Lahia Business Egyptian Pound Undervalued by 30%, Says Goldman Sachs Videos & Features Tragedy Overshadows MC Alger Championship Celebration: One Fan Dead, 11 Injured After Stadium Fall Arts & Culture South Korean Actress Kang Seo-ha Dies at 31 after Cancer Battle Lifestyle Get to Know 2025 Eid Al Adha Prayer Times in Egypt Arts & Culture Lebanese Media: Fayrouz Collapses after Death of Ziad Rahbani
Egypt Independent
6 days ago
- Egypt Independent
Microsoft has become the next $4 trillion company
Microsoft became the second company to reach a $4 trillion market valuation on Thursday, after its blockbuster earnings report on Wednesday night boosted the tech giant's shares. Microsoft's shares (MSFT) jumped nearly 4.5 percent after the market opened on Thursday, pushing its intraday valuation to $4.01 trillion. The company's shares have risen roughly 28 percent since the start of this year. The milestone comes just a year and a half after Microsoft reached a $3 trillion valuation. The company first cracked the $1 trillion mark in April 2019. It follows Nvidia into the $4 trillion valuation club, which hit the mark earlier this month. Microsoft forecast a record $30 billion in capital spending for the current fiscal first quarter to fuel its AI ambitions, and reported booming sales in its Azure cloud computing business on Wednesday. Wall Street analysts also noted that Microsoft's Copilot AI chatbot appears to have driven meaningful growth in its Microsoft 365 enterprise software business. Microsoft's move to $3 trillion was more measured than other tech giants, Nvidia (NVDA) and Apple (AAPL), with AI bellwether Nvidia tripling its value in just about a year and clinching the $4 trillion milestone before any other company on July 9. Apple was last valued at $3.12 trillion. Lately, breakthroughs in trade talks between the US and its trading partners ahead of President Donald Trump's August 1 tariff deadline have buoyed stocks, propelling the S&P 500 and the Nasdaq to record highs. Microsoft, the second largest US company, has rebounded nearly 50 percent from its April 2025 lows, when global markets were rattled by Trump's tariff offensive. Microsoft's multibillion-dollar bet on OpenAI is proving to be a game-changer, powering its Office Suite and Azure offerings with cutting-edge AI and fueling the stock to more than double its value since ChatGPT's late-2022 debut. Armed with exclusive access to OpenAI's models, Microsoft has raced to the front of the generative AI pack — supercharging its Azure cloud business, now the company's top revenue driver, and solidifying its dominance in the tech landscape, compared to Google's cloud and Amazon's web services. Wall Street's surging confidence in the company comes on the heels of back-to-back record revenues for the tech giant since September 2022. The stock's rally had also received an extra boost as the tech giant trimmed its workforce and doubled down on AI investments — determined to cement its lead as businesses everywhere race to harness the technology. While sweeping US tariffs had investors bracing for tighter business spending, Microsoft's strong earnings have shown that the company's books are yet to take a hit from the levies. But despite its meteoric rise, Microsoft has been streamlining its workforce in recent months. The company said earlier this month that it would cut around 9,000 employees, approximately 4 percent of its staff, its largest reduction since 2023. Those layoffs came after the company cut 6,000 workers in May. A company spokesperson said the July cuts were, in part, a reflection of new technologies that have made employees more productive. While AI wasn't mentioned specifically, the cuts came as Silicon Valley giants deploy the technology they're building to make their workers more efficient. Microsoft CEO Satya Nadella said earlier this year that 20 percent to 30 percent of the company's code was being generated by AI, and it's is pouring billions into AI infrastructure investments.
