The Dark Side of Installers: Security Flaws in macOS and Windows
In this presentation, we will delve into the often overlooked security risks associated with macOS (.pkg) and Windows (.msi) installer packages. Installers are a critical part of software deployment, yet they can harbor significant vulnerabilities that, if exploited, can lead to privilege escalation and remote code execution (RCE).
We will start by unpacking the structure of macOS and Windows installer packages, shedding light on their internal components and the common security flaws that can be exploited. Through real-world examples and demonstrations, we will explore how attackers can leverage these flaws to gain unauthorized access and control over systems.
Attendees will learn about the following key areas:
Understanding Installer Packages: A comprehensive overview of the structure and function of macOS .pkg and Windows .msi files.
Common Security Flaws: Identification and explanation of typical vulnerabilities found in installer packages.
Privilege Escalation: How malicious actors exploit installer flaws to escalate privileges on both macOS and Windows platforms.