The new MacOS Mojave was released to the public today. But it looks like there’s a zero day privilege escalation bug in it. The “entrusted” app was able to grab data from the system where you were supposed to have privileged access to access it.
https://www.bleepingcomputer.com/news/security/macos-mojave-privacy-bypass-flaw-allows-access-to-protected-files/
Haitao Huang says
To successfully exploit this vulnerability, attackers need to have access to the targeted system and run their exploit that leads to a buffer overflow, thereby resulting in the execution of malicious code and achieving complete control of the affected system. In addition, this issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. Systems with less than 32GB of memory are unlikely to be affected by this issue due to memory demands during exploitation,” an advisory released by Red Hat reads.