Researcher Patrick Wardle has discovered a security weakness in Apple’s Mac OS X Gatekeeper technology that could allow attackers to run unverified, and possibly malicious applications.
What is Gatekeeper?
Gatekeeper is an anti-malware feature designed to keep untrusted and malicious applications from reaching Macs. Gatekeeper’s default settings are to only allow applications downloaded from the Mac App Store onto a Mac. However, users have the option to change these settings to allow apps to run no matter where they are downloaded from.
Unverified applications are apps that have not been vetted through Apple’s App store.
How To Stay Protected
According to Wardle, Apple is working on a patch for this bug, however until the full patch is available, users should use caution and only download applications from trusted sources, such as the Mac App Store. To be sure that you are safe, verify Gatekeeper’s settings by launching System Preferences and clicking on Security & Privacy, and make sure that Apps are only allowed from the Mac App Store and Identified developers.