Security researchers found a way to exfiltrate sensitive data through FileProvider
The bug abuses the framework’s elevated privileges
Apple patch address issue with improved validation of symbolic links
Apple has patched a hole in iOS and macOS which could have been abused to steal sensitive data from victims.
Cybersecurity researchers from Jamf Threat Labs recently discovered, and reported, a vulnerability in FileProvider, a framework in macOS and iOS that enables apps to manage and access files stored on remote servers or locally.
