CVE-2025-24259: Leaking Bookmarks on macOS


A Mach message includes a kernel-appended trailer, which contains (among other things) an audit token that can be used by the receiver to uniquely identify the sending process and read its entitlements. In my previous write-up, I mimicked client code to send Mach messages to a daemon that didn't check entitlements, allowing me to access restricted resources. Now, parentalcontrolsd will ignore clients that don't have the com.apple.private.parentalcontrols entitlement key with a boolean value of true when they try to call that specific MIG routine to copy Safari bookmarks.
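The paragraph describes the fix from the receiver's side: ask the kernel for the audit trailer, derive the sender's identity from the audit token, and refuse the request unless the entitlement is present with value true. The following is an added example of that server-side check (illustration written for this page, not code from the post or from parentalcontrolsd). It assumes a receive right `port` for a daemon's service port and a 1024-byte receive buffer; the entitlement name is the one the page states.

```objective-c
// Added example: entitlement check on a Mach server using the audit trailer.
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#include <mach/mach.h>
#include <bsm/libbsm.h>

// Entitlement named on the page; the daemon requires it to be boolean true.
static CFStringRef const kRequiredEntitlement =
    CFSTR("com.apple.private.parentalcontrols");

// Receive buffer: header plus room for a MIG body and the kernel trailer.
typedef union {
    mach_msg_header_t header;
    char buf[1024];
} recv_msg_t;

// True only if the sending process holds kRequiredEntitlement == true.
// SecTaskCreateWithAuditToken binds the lookup to the audit token, so a
// recycled PID cannot be confused with the original sender.
static bool sender_is_entitled(audit_token_t token) {
    SecTaskRef task = SecTaskCreateWithAuditToken(kCFAllocatorDefault, token);
    if (task == NULL) return false;
    CFErrorRef err = NULL;
    CFTypeRef value = SecTaskCopyValueForEntitlement(task, kRequiredEntitlement, &err);
    bool ok = (value != NULL &&
               CFGetTypeID(value) == CFBooleanGetTypeID() &&
               CFBooleanGetValue((CFBooleanRef)value));
    if (value) CFRelease(value);
    if (err) CFRelease(err);
    CFRelease(task);
    return ok;
}

// Receive one message on `port` with the audit trailer attached and decide
// whether the routine should be serviced. Returns true if the request passed.
static bool receive_and_check(mach_port_t port) {
    recv_msg_t msg;
    mach_msg_option_t options = MACH_RCV_MSG |
        MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0) |
        MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AUDIT);
    kern_return_t kr = mach_msg(&msg.header, options, 0, sizeof(msg), port,
                                MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
    if (kr != KERN_SUCCESS) return false;

    // The trailer follows the message body, aligned by round_msg().
    mach_msg_audit_trailer_t *trailer = (mach_msg_audit_trailer_t *)
        ((char *)&msg.header + round_msg(msg.header.msgh_size));
    audit_token_t token = trailer->msgh_audit;
    pid_t pid = audit_token_to_pid(token);

    if (!sender_is_entitled(token)) {
        NSLog(@"rejecting msg id %d from pid %d: missing %@",
              msg.header.msgh_id, pid, (__bridge NSString *)kRequiredEntitlement);
        return false;   // caller drops the request, as parentalcontrolsd now does
    }
    return true;        // hand the message to the MIG demuxer
}
```

Build with `-framework Foundation -framework Security -lbsm`. The check uses the audit token rather than a PID looked up separately because PIDs are reused; it also insists on a CFBoolean true rather than merely a present key, which matches the "boolean value of true" condition in the text. In a real MIG server the same test belongs inside the specific routine handler (or a demuxer wrapper), before any bookmark data is copied.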
