Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software

Aug 07, 2024Ravie LakshmananMalware / Software Security

Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections.

Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the App Store and opened for the first time, it verifies that the software is from an identified developer.

It also runs checks to ensure that the app is notarized and has not been tampered with to install malware on macOS systems. Furthermore, it requires user approval before allowing any such third-party app to be run.

It’s this user approval mechanism that Apple has now tightened further with macOS Sequoia, the next iteration of the Mac operating system that’s expected to be released next month.

Cybersecurity

“In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized,” Apple said.

“They’ll need to visit System Settings > Privacy & Security to review security information for software before allowing it to run.”

The move is seen as a way to counter stealer malware and backdoors targeting macOS that are often unsigned and trick users into bypassing Gatekeeper protections.

In July 2023, North Korean threat actors were observed propagating an unsigned disk image (DMG) file that impersonated a legitimate video call service named MiroTalk and unleashed its malicious behavior after a victim control-clicks and selects “Open” and ignores the security warning from Apple.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.