You're wholeheartedly recommended to update your Macs to Apple's new macOS Big Sur 11.4 software which patches a zero-day exploit letting attackers take screenshots secretly.
macOS 11.4 Fixes Surreptitious Screenshots
The Mac operating system suffers from a zero-day exploit which lets malicious software take surreptitious screenshots or screen recordings when using apps like Zoom.
The vulnerability was detailed by Jamf, a mobile device management company.
The security oversight lets malware hijack existing app permissions and bypass the user's privacy preferences. As a result, attackers could gain full access to your Mac's disk, and the built-in features allowing users to easily take screenshots and make screen recordings.
This enables an attacker to hook into apps that already have recording permissions, like Zoom or FaceTime, to take secret screenshots and surreptitiously record the screen.
According to Jamf, this vulnerability has been actively exploited in the wild.
Installing the macOS Big Sur 11.4 update as soon as possible is the safest way to protect yourself from becoming a target and boost your privacy. The fix is not mentioned in the official macOS Big Sur 11.4 changelog that's available on Apple's website.
However, Apple's full list of important security fixes that are available with macOS Big Sur 11.4 does reveal that the permissions issue was addressed with improved validation.
"A malicious application may be able to bypass Privacy preferences," reads the document. "Apple is aware of a report that this issue may have been actively exploited."
How to Install macOS Big Sur 11.4
To update the software powering your Mac, go to System Preferences → Software Update.
If you see a message saying updates are available, clicking the Update Now button will install them. To see details about each update, click More Info. You may be asked to enter your macOS administrator password to authorize installing the updates.
After installing macOS Big Sur 11.4, you may notice that your Mac is running slower than before. That's because macOS is performing post-install tasks like Spotlight indexing and Photos object recognition that affect computer performance until completed.
What Are Zero-Day Exploits?
Generally speaking, a zero-day vulnerability is unknown to security express.
Until the vulnerability is mitigated, hackers can exploit it to perform cyber attacks. A zero-day exploit occurring on the same day a software vulnerability is discovered is especially troubling because there's no fix for it yet at the time of an attack.
Apple reacts as fast as humanly possible to any zero-day exploits discovered in its operating systems, typically releasing security patches within just a few days.