The Apple Gatekeeper vulnerability discovered back in September 2015, which allows unsigned apps to circumvent Apple’s malware checks, is still not patched. The security researcher who first discovered the flaw, Patrick Wardle, says Apple has only blacklisted the binaries he used for the exploit and the apps he was using. The flaw works like this: a signed app (downloaded from a third-party website) can launch an unsigned app within the same directory, which can then infect your Mac. After Wardle disclosed the flaw to Apple and Apple verified they had patched it, Wardle decided to double-check their work and discovered the blacklist band-aid.
Wardle is confident that the Apple team will get their stuff together, fix the complete flaw and remove the temporary bandage. Wardle points out that the band-aid workaround is easily reverse engineered in about five minutes, and he’s certain he’s not the only one who could do so. Apple generally fixes flaws such as this quickly and concisely, so it is a bit concerning that they have gone so long without a permanent fix for this flaw.
For now, the only protection from this is to be sure you’re downloading apps from the Mac App Store only. If you download any apps from a third party, there is no guarantee those won’t be infected. Even using “trusted” sources could be a gamble, as apps outside of the Mac App Store are at high risk of being exploited. Really, most regular users should be downloading apps strictly from the Mac App Store and nowhere else. It is the best way to make sure you’re not getting nasty unwanted visitors in your system.
We’ll keep our ear to the ground and hope that Apple patches the Gatekeeper flaw soon. Do you download Mac apps from third parties? Let us know in the comments below or on Google+, Facebook and Twitter.

Source: Engadget