An Apple Store in Hong Kong. (ChIfcapsho, CC BY-SA 3.0, via Wikimedia Commons)

Apple patched a vulnerability that was actively exploited by malware actors to bypass the Transparency Consent and Control (TCC) framework, allowing them to take screenshots of infected victims’ computer desktops without having to even trick them into granting permissions first.

TCC bypasses are serious business. Because the TCC system controls which resources and tools that various applications can gain access to, this particular bypass could have allowed the adversaries to engage in a variety of malicious behaviors beyond just screenshots, according to researchers from Jamf who discovered the flaw.