Photo: NurPhoto/Getty Images

Researchers at Okta found a severe problem in the way security programs traditionally use MacOS tools to verify which programs were written by Apple — what is known as code signing.

Why it matters: Apple's developer interface, known as an API, can be tricked so anyone writing malware can convince a bevy of security products that the malware was written by Apple. The problem here is that security products are often loath to distrust Apple and will let that malware run unfettered.

  • Josh Pitts, who discovered the bug, said that Okta does not know if any malware is currently utilizing this flaw to circumvent security programs.

Who it affects: There is no way to know the complete list of what products are vulnerable to this bug. But Okta tested a number of products, and some big name ones have problems, including F-Secure, Facebook and Carbon Black. Every software maker that Okta announced had a problem has released a patch.

  • According to Okta, Apple told the firm that developers would be responsible for correcting their implementation of the API. CERT, the government group that coordinates notifying vendors of widespread security flaws, recommended that Okta write a description of the problem to help vendors assess whether they are vulnerable.
  • That's a double-edged sword. Pitts noted that "once the blog is published, it will be easy for someone to weaponize it."
  • It's critical, said Pitts, that everyone update Mac security software.

Go deeper

Robert Mueller speaks out on Roger Stone commutation

Former Special Counsel Robert Mueller testifies before the House Permanent Select Committee on Intelligence on Capitol Hill on Wednesday July 24, 2019. Photo: The Washington Post / Contributor

Former special counsel Robert Mueller responded to claims from President Trump and his allies that Roger Stone was a "victim" in the Justice Department's investigation into Russian interference in the 2016 election, writing in a Washington Post op-ed published Saturday: "He remains a convicted felon, and rightly so."

Why it matters: The rare public comments by Mueller come on the heels of President Trump's move to commute the sentence of his longtime associate, who was sentenced in February to 40 months in prison for crimes stemming from the Russia investigation. The controversial decision brought an abrupt end to the possibility of Stone spending time behind bars.

Trump dons face mask during Walter Reed visit

Trump wearing a face mask in Walter Reed National Military Medical Center on July 11. Photo: Alex Edelman/AFP via Getty Images

President Trump wore a face mask during his Saturday visit to Walter Reed National Military Medical Center, according to AP.

Why it matters: This is the first known occasion the president has appeared publicly with a facial covering as recommended by health officials since the coronavirus pandemic began, AP writes.

Updated 9 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 5:30 p.m. ET: 12,607,510 — Total deaths: 562,338 — Total recoveries — 6,948,863Map.
  2. U.S.: Total confirmed cases as of 5:30 p.m. ET: 3,228,884 — Total deaths: 134,600 — Total recoveries: 983,185 — Total tested: 38,919,421Map.
  3. Public health: Jimmy and Rosalynn Carter: "Please wear a mask to save lives" Fauci hasn't briefed Trump on the coronavirus pandemic in at least two months — We're losing the war on the coronavirus.
  4. Food: How the coronavirus pandemic boosted alternative meat.
  5. Sports: Charge of "money grab" by college football.
  6. World: India reimposes lockdowns as coronavirus cases soar.