Microsoft uncovered a medium-severity macOS vulnerability (CVE-2024-44243) that allowed attackers to bypass System Integrity Protection (SIP) by exploiting a storage daemon process. This flaw enabled the replacement of system binaries, granting persistence and facilitating malicious software installation, such as rootkits. Apple addressed the issue with a patch in macOS Sequoia 15.2, mitigating the significant risks posed by bypassing SIP, including the circumvention of critical security protections.

‍