Apple introduced System Integrity Protection (SIP) with OS X El Capitan in 2015, and it essentially adds multiple layers of security that blocks apps from accessing and modifying system files at a root level. While users can manually disable this feature, it’s not exactly easy to do so. But Microsoft found an exploit that could let attackers bypass SIP.
Microsoft details how it found the “Migraine” exploit in macOS
As the company shared on its Security blog, a vulnerability named “Migraine” could bypass macOS’ System Integrity Protection and lead to arbitrary code execution on a device. The exploit is so named because it’s related to the macOS Migration Assistant, a native tool that helps users move data from a Mac or Windows PC to another Mac.