CVE-2022-42821 aka Achilles flaw
The Microsoft 365 Defender Research Team immediately warned Cupertino, which then deployed the necessary fixes in the macOS Ventura 13.1, Monterey 12.6.2, and Big Sur 11.7.2 updates on December 13. Microsoft published a blog post detailing the Achilles flaw, which relies on modifying a file (via the AppleDouble and ACL mechanisms) to deceive Gatekeeper and prevent the system from warning the user of the potential danger. The updates to the last three versions of macOS protect against this type of attack and are therefore recommended for all users.
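As a defensive illustration of the AppleDouble and ACL combination described above, the following added example (not code from Microsoft or Apple) lists the AppleDouble sidecar files in a ZIP archive that carry an ACL extended attribute. The attribute name `com.apple.acl.text` and the binary layout are assumptions taken from Microsoft's public write-up and Apple's open-source XNU code, not from this page.

```python
import struct
import zipfile

AD_MAGIC = 0x00051607             # AppleDouble magic number
FINDER_INFO_ID = 9                # entry that carries the xattr table
ACL_XATTR = "com.apple.acl.text"  # assumption: name from Microsoft's write-up
MAX_SIDECAR = 1 << 20             # do not read sidecar members larger than 1 MiB

def appledouble_xattrs(blob):
    """Return the extended-attribute names stored in an AppleDouble blob."""
    if len(blob) < 26 or struct.unpack_from(">I", blob)[0] != AD_MAGIC:
        return []
    (count,) = struct.unpack_from(">H", blob, 24)
    for i in range(count):
        if 26 + 12 * (i + 1) > len(blob):
            return []
        entry_id, offset, _length = struct.unpack_from(">III", blob, 26 + 12 * i)
        if entry_id == FINDER_INFO_ID:
            break
    else:
        return []                       # no Finder Info entry, so no xattrs
    hdr = offset + 34                   # skip 32-byte Finder Info + 2 pad bytes
    if blob[hdr:hdr + 4] != b"ATTR" or hdr + 36 > len(blob):
        return []
    (num_attrs,) = struct.unpack_from(">H", blob, hdr + 34)
    names, pos = [], hdr + 36
    for _ in range(num_attrs):
        if pos + 11 > len(blob):
            break                       # truncated table: stop, keep what we have
        namelen = blob[pos + 10]
        raw = blob[pos + 11:pos + 11 + namelen]
        names.append(raw.rstrip(b"\0").decode("utf-8", "replace"))
        pos += (11 + namelen + 3) & ~3  # entries are padded to 4 bytes
    return names

def suspicious_members(archive):
    """List AppleDouble sidecars in a ZIP (path or file object) that carry an ACL xattr."""
    hits = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            base = info.filename.rsplit("/", 1)[-1]
            if not base.startswith("._") or info.file_size > MAX_SIDECAR:
                continue
            if ACL_XATTR in appledouble_xattrs(zf.read(info)):
                hits.append(info.filename)
    return hits
```

A hit is a triage signal rather than proof of abuse, and on patched macOS versions the quarantine attribute is applied regardless.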
Gatekeeper and Isolation mode aren’t foolproof
No security system is truly tamper-proof, and Gatekeeper has been bypassed many times in the past. To develop Achilles, the Microsoft 365 Defender Research Team also drew on previous flaws, particularly those that prevent the system from assigning the quarantine attribute (com.apple.quarantine) to a file. As a reminder, the Isolation mode of iOS 16, iPadOS 16 and macOS 13 Ventura was designed to protect people (politicians, opponents of the system, journalists) who could potentially be the target of sophisticated attacks (often very costly and carried out by states). To do this, the mode blocks attachments, active links and images within Mail and Messages, requests that have not been initiated by users, and even connections when the device is locked.