Microsoft discovers new macOS vulnerability CVE-2024-44243, allowing attackers to install Rootkit

On January 15th, Microsoft Threat Intelligence discovered a new macOS vulnerability CVE-2024-44243. This vulnerability could potentially allow attackers to bypass Apple's System Integrity Protection (SIP) in macOS by loading third-party kernel extensions.

SIP is a security technology that restricts the execution of operations that may damage system integrity; therefore, bypassing SIP can affect the overall security of the operating system. Bypassing SIP could lead to serious consequences such as increasing the likelihood for attackers and malware authors to successfully install Rootkits, create persistent malware, bypass Transparency, Consent and Control (TCC), and expand the attack surface for other techniques and vulnerabilities.