Two Ways the Quarantine Attribute Can Fail in macOS Security - Gatekeeper Bypass Vulnerabilities
Objective-See Foundation via YouTube
Overview
Explore two critical Gatekeeper bypass vulnerabilities (CVE-2021-1810 and CVE-2023-27943) in this 29-minute security conference talk from Objective-See Foundation. Delve into the discovery process and root cause analysis presented by F-Secure's Senior Software Engineers Arthur Valiev and Rasmus Sten, who uncovered these vulnerabilities while developing endpoint protection software. Learn about the intricacies of LSFileQuarantineEnabled Info.plist key enforcement and how Archive Utility handles the com.apple.quarantine extended attribute. Gain insights from experienced developers who have worked with macOS security frameworks from Snow Leopard's kernel extensions to modern EndpointSecurity implementations.
Syllabus
#OBTS v6.0: "Two More Ways the Quarantine Attribute Can Fail Us" - Arthur Valiev & Rasmus Sten
Taught by
Objective-See Foundation