Zero-day vulnerability is only partially fixed in macOS

AppleInsider reports that Apple partially fixed vulnerability in macOS Big Sur allowing attackers to run arbitrary code via specially crafted email.

Vulnerability involves usage of file:// URL scheme, and currently Apple checks for it in case sensitive manner allowing attackers to use mixed cases. Proper fix is yet to come.