Apple has patched a critical macOS zero-day (CVE-2021-30657) that has been exploited by Shlayer malware for months. Apple has introduced/enabled the App Tracking Transparency feature and policy in iOS, iPadOS and tvOS. The vulnerability is a logic issue that allowed attackers to craft a. payload that is not checked by Gatekeeper, the. security feature that verifies downloaded applications before allowing them to run, and bypasses File Quarantine and Application Notarization protections.
Source: https://www.helpnetsecurity.com/2021/04/27/cve-2021-30657/