Rootpipe, a critical OS X Yosemite Vulnerability

Emil Kvarnhammar, a Swedish Security researcher has discovered a critical vulnerability in Apple’s OS X Yosemite, dubbed as “Rootpipe”, that gives hackers the ability to escalate administrative privileges on a compromised machine, and allows them to gain the root access.

video exploit

Kvarnhammar keep secret the details on the bug until January 2015, to allow Apple to make a patch:

“The current agreement with Apple is to disclose all details in mid-January 2015. This might sound like a long wait, but hey, time flies. It’s important that they have time to patch, and that the patch is available for some time.”

and, from Twitter:

Details on the #rootpipe exploit will be presented, but not now. Let’s just give Apple some time to roll out a patch to affected users.

but posted a video on youtube showing the exploit:

How to protect yourself?

TheHackerNews suggests:

  1. Avoid running the system on a daily basis with an admin account. An attacker that will gain control on this account will obtain anyway limited privileges.

  2. Use volume encryption Apple’s FileVault tool, which allows encryption and decryption on the fly, protecting your information always.

Published: November 04 2014