Types of malware threats you can encounter on macOS That’s just one example of how vulnerabilities in the OS can be exploited, there have been many others. If the user then accesses the network share, unzips a file and clicks a link, they could run malicious code without realising. The vulnerability the researcher, Filippo Cavallarin discovered and then described on his blog, exploited the fact that you only have to give permission once, and that when the app is installed, it can run freely.
To install anything else, you have to give it explicit permission. Depending on how you set Gatekeeper, it will either only allow apps from the Mac App Store to be installed without user intervention, or apps from the App Store along with those that have been code-signed by their developers. The vulnerability in question was in Gatekeeper, the tool that prevents unauthorised apps from being installed on your Mac. One recent example occurred in May 2019 when a researcher, having had no response after giving Apple 90 days to fix it, went public with details of a vulnerability he had discovered.
