Apple has patched a vulnerability in MacOS that allows attackers to install a malicious rootkit that goes undetected and performs arbitrary device operations. Apple included a fix for the flaw in a raft of security updates it released on Oct. 26. Microsoft Security Vulnerability Research (MSVR) shared the researchers findings to Apple through its Coordinated Vulnerability Disclosure (CVD), and the company responded promptly, Or said. The vulnerability lies in how Apple-signed packages with post-install scripts are installed, he explained.”]
Source: https://threatpost.com/apple-macos-flaw-kernel-compromise/175927/