Weekend good reads for Apple developers, issue #42

New iPhones are now arriving and are available in stores. So, you might have slightly less time reading on this weekend. Hopefully, you'll still have some time – we have great pack of articles for this weekend.

And this is it for today. Grab your iPhone 14 Pro Max (in Deep Purple, presumably) and enjoy this new Dynamic Island.

Cross-platform exploit targets Linux, Windows and macOS

New "SysJoker" cross-platform exploit now can infect machines with different OSes.

Interestingly, this exploit uses Universal Binary allowing it to run on Intel and Apple Silicon Macs. Code is signed with ad-hoc certificate. New certificates could be used in the future.

The files and directories created by SysJoker include:
/Library/MacOsServices
/Library/MacOsServices/updateMacOs
/Library/SystemNetwork
/Library/LaunchAgents/com.apple.update.plist

The persistence code is under the path LibraryLaunchAgents/com.apple.update.plist. If the files are found on a Mac, it is advised to kill off all related processes and delete the files.

AppleInsider

Reference: macOS, Windows, Linux all targeted by new cross-platform exploit

Linux is now usable on Apple Silicon Macs

Asahi Linux team reports that it is now usable on Apple Silicon Macs.

… M1 Macs are actually usable as desktop Linux machines! While there is no GPU acceleration yet, the M1’s CPUs are so powerful that a software-rendered desktop is actually faster on them than on e.g. Rockchip ARM64 machines with hardware acceleration.

Asahi Linux, Progress Report: September 2021