#Infosec question. I think I'm missing something in #Microsoft's description of the #Achilles vulnerability in #MacOS #gatekeeper
https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/
So they found a way to prevent #Safari from adding the #quarantine attribute. But they replaced with an even more restrictive attribute (ACL). Is that just for the #ProofOfOncept? Could an attacker use a very not restrictive ACL?