A Swedish Security researcher has discovered a critical vulnerability in Apple’s OS X Yosemite that
gives hackers the ability to escalate administrative privileges on a
compromised machine, and allows them to gain the highest level of access
on a machine, known as root access.
The vulnerability, dubbed as "Rootpipe", was uncovered by Swedish white-hat hacker Emil Kvarnhammar,
who is holding on the full details about the privilege escalation bug
until January 2015, as Apple needs some time to prepare a security
patch.
"Details on the #rootpipe exploit will be presented, but not now. Let's just give Apple some time to roll out a patch to affected users," Emil Kvarnhammar, IT specialist and hacker security company Truesec, tweeted from his twitter account.
By exploiting the vulnerability in the Mac OS X Yosemite,
an attacker could bypass the usual safeguard mechanisms which are
supposed to stop anyone who tries to root the operating system through a
temporary backdoor.
ROOT ACCESS WITHOUT PASSWORD
Once exploited, hackers could install malicious software or make other changes to your computer without any need of a password.
Hackers could steal victims’
sensitive information such as passwords or bank account information, or
if required, they could format the entire affected computer, deleting
all your important data from the computer.
Kvarnhammar has also provided a video to explain his initial finding.
“It all started when I was preparing for two security events, one in Stockholm and one in Malmö,” Kvarnhammar says. “I wanted to show a flaw in Mac OS X, but relatively few have been published. There are a few ‘proof of concepts’ online, but the latest I found affected the older 10.8.5 version of OS X. I couldn’t find anything similar for 10.9 or 10.10.”
Kvarnhammar
tested the vulnerability on OS X version 10.8, 10.9 and 10.10. He has
confirmed that it has existed since at least 2012, but probably is much
older than that.
INFORMED APPLE
Kvarnhammar contacted
Apple about the issue but he initially didn’t get any response, and
Apple silently asked him for more details. When he provided with the
details, Apple asked TrueSec not to disclose until next January.
Kvarnhammar said, "The current agreement with Apple is to disclose all details in mid-January 2015. This might sound like a long wait, but hey, time flies. It's important that they have time to patch, and that the patch is available for some time."
HOW TO PROTECT
The
full disclosure of the vulnerability would be made public in January,
after Apple will provide a fix. Apple Yosemite OS X users are advised to
follow the below steps in order to protect yourself from the
exploitation of the Rootpipe:
- Avoid running the system on a daily basis with an admin account. An attacker that will gain control on this account will obtain anyway limited privileges.
- Use volume encryption Apple’s FileVault tool, which allows encryption and decryption on the fly, protecting your information always.
However, the best way to
protect yourself from such security vulnerabilities is to ensure that
the operating system running on your system is always up-to-date, and
always be careful to the links and documents others send to you.
No comments:
Post a Comment