News

Attacker Could Get Root Rights to OS X for Years

By admin
Spread the love

OS X contained a bug that allowed any user to gain root access to a system. The bug, patched this week, could be exploited by a local attacker or in conjunction with other exploits that give users access to a system.

According to security researcher Emil Kvarnhammar, who tracked down the vulnerability, the vulnerability had been in OS X since 2011. It was patched just this week, but only for Yosemite users; users of older versions remain vulnerable. Kvarnhammar talks about a backdoor that allowed any user to gain root access on an OS X system.

According to Kvarnhammar, this is a hidden api, which is probably intended for the settings applications of OS X. In practice, however, other processes could also gain root access on an OS X system through the vulnerability, whereby a user or process with normal privileges that was also possible. This applies to admin accounts as well as ‘normal’ users.

The bug is not enough to crack a system remotely. However, attackers who have already gained access to an OS X system using another exploit can use the vulnerability for root access and thus increase their capabilities. Also, a local user with limited rights can take full control of the system.

You might also like
News

EU Council determines position on security requirements for digital products

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Reddit removes chat messages from before January 1, 2023 during migration

News

AMD: Intel’s proposal for 64bit-only x86 architecture is very interesting

News

Valve releases major Team Fortress 2 update with community maps and new taunts

News

Statcounter: Linux had more than three percent desktop market share for the first…