CVE-2024-44243 is a critical macOS vulnerability discovered by Microsoft Threat Intelligence that allows attackers to bypass Apple’s System Integrity Protection (SIP). This flaw resides in the "storagekitd" daemon, enabling local attackers with root privileges to load unauthorized kernel extensions and bypass macOS's robust security mechanisms. Exploiting this vulnerability can lead to deep system compromises, such as installing persistent malware, bypassing Apple's privacy controls (TCC), and escalating privileges to exploit other vulnerabilities. Apple has issued security updates to address this issue, and users are strongly urged to update their macOS devices immediately. This incident underscores the importance of proactive patching and vigilance against social engineering attacks, which remain an ever-present threat. Continue here.
