Vulnerabilities are hot topics inside the world of security research and—because of their potentially dramatic impacts—outside as well. Unfortunately, the strategies and tactics that companies like Apple use to prevent specific vulnerabilities—or even entire families of exploits—typically attract less attention. But the fact is that engineering high-impact mitigations is typically more challenging than finding a single vulnerability.

In this post, we’ll look at Apple’s recent efforts to mitigate an entire class of installer-script vulnerabilities. We will cover:

- Why Apple-signed installers are great targets for attackers;
- A high-level overview of such vulnerabilities from the past; and
- A deep dive into how Apple attempts to mitigate these vulnerabilities with a new design in the PackageKit private framework.

The full blog was published at my company’s (Kandji) website: