A bug in Apple macOS products exposes the entire operating system to compromise. The vulnerability could let attackers bypass macOS System Integrity Protection (SIP) restrictions and then install rootkits, malware, and more. This attack can be carried out without physical access to the product. The bug was patched in an Apple security update on December 11, so all macOS systems should be updated as soon as possible. Cyber defenders should continue to monitor for any suspicious activity. 

Read more: https://www.darkreading.com/vulnerabilities-threats/apple-bug-root-protections-bypass-physical-access