Critical macOS Shortcuts Flaw Reported by PT SWARM Expert
PT SWARM expert Egor Filatov has discovered a critical vulnerability in Shortcuts, a built-in Critical macOS app used to automate user actions. The flaw, if exploited, could give an attacker full control over a device.
Positive Technologies revealed that the vulnerability is tracked as BDU:2025-02497 and carries a severity score of 8.6 out of 10 on the CVSS 3.0 scale. It affects Shortcuts version 7.0 (2607.1.3). The app has been part of macOS since Monterey, and is also supported in Ventura, Sonoma, and Sequoia.
If a compromised device is connected to a corporate network, attackers could infiltrate the internal infrastructure. Filatov warned that it would be enough for a victim to run a malicious macro unknowingly.
Positive Technologies reported that the vendor was notified in line with responsible disclosure policies. A patch has already been issued. Users are advised to upgrade to macOS Sequoia 15.5 or later.
If an OS update is not possible, users should avoid downloading unknown shortcuts or using the app altogether.
According to the report, possible consequences of exploitation include: Theft or deletion of sensitive data
Remote malware installation and ransomware attacks
Business disruption in corporate environments
The company emphasized that threat actors could upload infected shortcut templates to the app's library. Before the patch, the flaw could be used to bypass macOS security and execute arbitrary code.
Positive Technologies has a long track record of studying Apple products. In 2018, its researchers discovered a firmware flaw in Intel Management Engine that affected Apple computers. In 2017, vulnerabilities in Apple Pay were reported, allowing unauthorized transactions.
The Shortcuts app is also available on iOS. To prevent threats on mobile, companies are advised to use solutions like PT MAZE. It protects apps by making reverse engineering difficult and costly for attackers.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The National
5 hours ago
- The National
Apple iPhone 17 launch: From design changes to higher prices, here's what's expected
Apple is expected to unveil its newest line-up of iPhones in less than four weeks' time. Expectedly, the internet's citizens are excited and speculating about what's to come. Barring any major surprises, the company is set to hold its centrepiece event in the second week of next month, with most agreeing that September 9 is the date to bookmark. Here's what we know about the next generation of Apple's flagship, likely to be called the iPhone 17. Apple does not comment on rumours or speculation. What iPhones will be launched? The talk: Since 2019, Apple has made it a point to release four devices – two base models and two Pro variants. That is rumoured to change this time. The base iPhone 17 will still be there, design intact from its predecessor, although its screen might be bumped up from 6.1 inches (155mm) to 6.3 inches, which would bring it on par with the base Pro model. The Pro and Pro Max variants, meanwhile, are expected to stay put at 6.3 inches and 6.9 inches, respectively. But the biggest design upgrade, purportedly, is that their camera block would stretch the entire width of their rear, with the flash, mic and light sensor to be placed on the right side. Perhaps the most anticipated device this year is the long-speculated iPhone 17 Air, Apple's entry into the emerging slim-phone game. It is said to have a thickness of only 5.5mm, making it the thinnest iPhone ever, that would pip the Samsung Galaxy S25 Edge. It is unclear what Apple would be adding and subtracting in terms of specs, but renderings are suggesting it will feature one camera, with a camera block also extending across its width. Quick take: Apple introducing a new design is overdue, having stuck with practically the same formula for the past few years (and switching up camera lens arrangements). And while we do, however, want the flat, iPhone 4-esque design reintroduced in the iPhone 12, building around this would bode well for mass appeal. For instance, if those extended camera blocks become a reality, it will have a fresher look. Beyond that, it's also important to deliver on what's inside. Among those are better battery life and meaningful upgrades to Apple Intelligence. How much will the new iPhones cost? The talk: Apple will be raising the prices of the coming iPhone 17 models by $50, according to reports quoting analysts and tipsters. While that would be a straight-up increase across the board, there's one outlier: it's been said that the iPhone 17 Pro – now possibly with a base cost of $1,049 – will be losing its 128GB option. That means you'd get double the storage for only $50 more: the current 256GB version of the iPhone 16 Pro costs $1,099, meaning Apple would be giving more for less. But a more important discussion: if this is true, Apple raising prices could be also due in part to the effect of US trade tariffs, in addition to new upgrades and manufacturing costs. Quick take: This particular talking point is nothing new since it's basically omnipresent with each iPhone launch. The good news was that, in the past, Apple didn't frequently raise its prices. Even last year, with the introduction of Apple Intelligence, the company retained prices. Historically, however, we may be due for an increase: the longest period for Apple not raising prices has been five years – or cycles, to be more precise – from 2012 to 2016, spanning the iPhone 5 and iPhone 7. Last year was the fifth straight year of no increase, meaning Apple staying put on prices this year would be a record for the longest price maintenance streak. Would it be coincidence that Apple will raise prices in the era of tariffs? That's unclear. What language Apple will use on any potential price rise is also of interest, taking into consideration report by The Wall Street Journal that the company will try to avoid linking any increases to the tariffs. What other devices will be launched? The talk: iPhones and Apple Watches have traditionally come hand-in-hand, so the Watch Series 11 could be launched next month. Also, new AirPods could be unveiled. Two Apple Watches are on the radar: Series 11, which is said to feature a new high blood pressure detector and 5G cellular connectivity, and Watch Ultra 3, an update to Apple's rugged digital timepiece. Quick take: From a hardware perspective, we're not expecting much from the new watches - although that blood pressure monitor would be an interesting and useful addition. We fully expect Apple to announce collaborations with some of the biggest health entities for developing this. For the AirPods, while a token upgrade is due for the standard wireless buds, we're very much more interested in a new version of the AirPods Max; we feel that this audio device has somewhat been buried. It isn't forgotten though, because of its excellent music quality. So if there is, pound-for-pound, an Apple device really due for an upgrade, we're arguing this is it.
Khaleej Times
5 hours ago
- Khaleej Times
Is Apple's iPhone 17 launch event set for September 9? Here's what we know
In less than a month, Apple is set to lift the curtain on its next generation of hardware. The iPhone 17 series is expected to debut at a keynote event on Tuesday, September 9, according to multiple reports. The fall launch won't just be about the iPhone. Apple is also tipped to introduce the Apple Watch Series 11, the Apple Watch Ultra 3, and potentially an updated AirPods Pro during the same event. All products are expected to share a synchronized release date. Beyond the hardware, there's growing interest in Apple's upcoming software. This year, iOS 26 has generated more buzz than usual, with early testers praising its speed and polish. Bloomberg's Mark Gurman noted in his Power On newsletter that the sixth developer beta feels 'ridiculously snappy,' suggesting the final public release is imminent. iOS 26 will ship pre-installed on the iPhone 17 models but will also be available for download on older devices, going back to the iPhone 11. If Apple follows its traditional pattern, the timeline could mirror last year's release. In 2024, iOS 18 rolled out on Monday, September 16, a week after the keynote and just ahead of the iPhone 16's in-store launch. That would put iOS 26's likely release window in the week beginning September 15. What to Expect With Apple's keynote now just weeks away, all eyes will be on September 9 for the company's biggest announcements of the year.
Tahawul Tech
2 days ago
- Tahawul Tech
Apple denies bias against Grok AI
Apple has responded to accusations from Elon Musk regarding the company suppressing xAI's Grok AI chatbot by telling BBC News that App Store rankings are objective. The vendor provided BBC News with a statement in response to accusations of bias by Musk, which Apple denies. Musk appears disgruntled by a partnership between Apple and OpenAI to enhance its Siri personal assistant with the ChatGPT chatbot. In a series of posts on X in recent days, the billionaire threatened legal action over what he argues is a breach of competition laws. Apple told BBC News the rankings of its App Store are based on various means, including algorithms and expertly curated lists, denying Musk's accusation of favouritism towards its AI partner. The vendor emphasised the large number of apps on offer through its marketplace and asserted objectivity in how those are rated and presented to users. ChatGPT is the top free app listed for iPhones on the US version of Apple's App Store at the time of writing, with Grok sixth. OpenAI's product also heads free iPad apps, with Grok in 34th place. There are strong suggestions across all news articles on the matter that Musk's grievance lies more with Open AI than Apple, given a well-publicised spat with the AI company's CEO Sam Altman. Source: Mobile World Live Image Credit: xAI Grok
