Microsoft Discovers macOS Bug That Can Bypass SIP

November 1, 2021

The Microsoft 365 Defender Research Team recently discovered a new macOS vulnerability, nicknamed “Shrootless” and tracked as CVE-2021-30892, that can misuse privilege inheritance in macOS’s System Integrity Protection (SIP), thereby giving room for the execution of arbitrary code with root privileges.

Reportedly, the vulnerability has already been patched in the three supported versions of macOS (Monterey 12.0.1, Catalina with Security Update 2021-007, and Big Sur 11.6.1), although there are indications that older versions of OS X running SIP, including OS X 10.11 and later, may still be vulnerable.

To understand how Shrootless works, the first thing to understand is how SIP works. SIP adds kernel-level protections that prevent certain files on the disk and certain processes in memory from being changed, even with root privileges.

The bug then takes advantage of the fact that the kernel can modify protected locations as needed, even if root privileges are no longer sufficient to modify important system files.

For more information, read the original story in Ars Technica.

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.
