The macOS Background Task Manager tool was introduced with macOS Ventura in October 2022. It’s supposed to spot potentially malicious software on your machine, but a researcher says it has troubling flaws, reports Wired.
At the Defcon hacker conference in Las Vegas, longtime Mac security researcher Patrick Wardle presented findings today about vulnerabilities in Apple’s macOS Background Task Management mechanism, which could be exploited to bypass and, therefore, defeat the company’s recently added monitoring tool.
Apple’s Background Task Management tool is designed to detect software “persistence,” which is when malicious software establishes itself on a target device even after it has been shut down and restarted. The tool sends notifications to users and third-party security tools when a persistence event occurs.
“There should be a tool [that notifies you] when something persistently installs itself, it’s a good thing for Apple to have added, but the implementation was done so poorly that any malware that’s somewhat sophisticated can trivially bypass the monitoring,” Wardle told Wired about his Defcon findings.