Apple has presented an important safety ceremony to MACOS 15.4 with an update, which was released on Monday, administrators should be interested in: in future, so -called TCC events can also be recorded by closing point security equipment. The latter is used to especially to install users, install malware or prevent them from creating a risky connection. TCC means “transparency, consent and control” and is always used when apps ask some rights. Apple then dazzling the consent dialogues. So far, the endpoint security applications have only been received if they see in log files-there was no official way to transmit them.
Dialogues are sent
In recent years, the Apple TCC dialogues have integrated into more and more areas than access to cameras and microphones through barrier freedom function to open some files and folders. If the malware now wants to get access, a TCC dialogue should be displayed and if necessary, fell by the user. If necessary, an endpoint should not be able to intervene in the safety application so that he should be able to intervene if necessary. “Therefore, for any safety tool it will be incredibly helpful that it should be able to identify”, “,” Safety expert Patrick Wardle writesWho discovered new facilities.
This feature is active since the beta of Macos 15.4. Wardle has already published the code how Querry can be implemented. According to his information, security experts and developers Apple have asked “many, many, many years” to pass on TCC events to eliminate security applications. “Now the answer is coming for our prayers.”
Relatively limited
According to Wardle, the implementation is not yet correct. Currently there is only an event type: “es_event_type_notify_tcc_mody”. “It seems incomplete to me, or at least fine.” In its code, which shows how it can be used. However, Wardley hopes that other processes will also be transferred in the future, including “es_event_type_auth_tcc_” in a variety of types. It is not currently clear whether Apple has already implemented something in the final edition of Macos 15.4, Wardle has only seen beta.
Apart from malware, users who clearly say for release – TCC is sometimes problematic from a different perspective: bug and security intervals in this region are always possible. Unfortunately, the new function helps very little here.
Foldables: The market should shrink – does Apple 2026 bring back?
(BSC)
5G standalone on O2: iOS 18.4 brings support for iPhone
