Emil Kvarnhammar, a Swedish Security researcher has discovered a critical vulnerability in Apple’s OS X Yosemite, dubbed as “Rootpipe”, that gives hackers the ability to escalate administrative privileges on a compromised machine, and allows them to gain the root access.
Kvarnhammar keep secret the details on the bug until January 2015, to allow Apple to make a patch:
“The current agreement with Apple is to disclose all details in mid-January 2015. This might sound like a long wait, but hey, time flies. It’s important that they have time to patch, and that the patch is available for some time.”
and, from Twitter:
Details on the #rootpipe exploit will be presented, but not now. Let’s just give Apple some time to roll out a patch to affected users.
but posted a video on youtube showing the exploit:
How to protect yourself?
Avoid running the system on a daily basis with an admin account. An attacker that will gain control on this account will obtain anyway limited privileges.
Use volume encryption Apple’s FileVault tool, which allows encryption and decryption on the fly, protecting your information always.
- Vulnerability on Sparkle framework affects a lot of Mac apps
- Weekly Roundup Special Edition: all about Hacking Team!
- Shutting down computer on USB port activity? Yes, with USBKill
- Thunderstrike, the first OSX bootkit
- WireLurker, a new malware generation?
- OSX vulnerable to Shellshock through DNS reverse lookup