Apple to block hackers from accessing internal networks with macOS Sequoia exploit

With macOS Sequoia, Apple will fix the 18 years old exploit used by hackers to access its security network
An undated image of macOS Sequoia updates. — Apple
An undated image of macOS Sequoia updates. — Apple

Apple announced macOS Sequoia, the latest iteration of its desktop operating system, at the World Wide Developers Conference (WWDC) in June, bringing entirely new ways of working and transformative artificial intelligence (AI) features to Mac. 

Apple like other tech companies is constantly looking for ways to improve the security of its operating systems. Therefore, the company is likely to fix an exploit used by hackers to access its internal networks with macOS Sequoia. 

Read more: macOS Sequoia beta 4 — iPhone Mirroring gets addition of window resizing feature

How the exploit works?

Although it's an 18-year-old exploit, it's still being actively misused by hackers by taking advantage of web browsers like Safari, Chrome and Firefox. These browsers handle queries to a 0.0.0.0 IP address by redirecting them to other IP addresses, as explained by Oligo security researchers. 

Moreover, sometimes these requests are redirected to “localhost,” which is often used as a local internal server for testing in-development code enabling hackers to collect files and other private data from company servers. 

Some hackers even manage to run rogue code on servers hosting the Ray AI framework that is used to train AI models by companies including Amazon and Intel. 

However, these attacks were only possible on macOS and Linux, as Microsoft has chosen to block 0.0.0.0 on its Windows. 

Apple is now working to fix this security issue and will block all the attempts by websites to access 0.0.0.0 by using its macOS Sequoia beta. 

It’s unclear whether this update is already in the recently launched developer beta 4 for macOS Sequoia or it will come in future.