image credit: Unsplash

New ‘powerdir’ Vulnerability in macOS Exposes Protected Data

January 11, 2022

Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.”

Introduced in 2012, TCC is meant to help users configure the privacy settings in their applications, including access to features such as microphone, camera, location, calendar, and more. Users can access these settings under System Preferences > Security & Privacy > Privacy.

Read More on Security Week