Swedish Hacker Finds Serious Security Flaw in OS X Yosemite

/ 5 years ago


The white-hat hacker Emil Kvarmhammer from the Swedish security firm Truesec has found a serious security hole in Apple’s new OS X Yosemite. He dubbed the new vulnerability “rootpipe” and explains that it is a so-called privilege escalation vulnerability. This means that an attacker could get full root access without the need for any password and thereby take over the entire system.

Kvarnhammer didn’t disclose any details about the flaw and this is of course to give Apple time to come up with a fix before it becomes widely abused on unsuspecting users. While the bad news is that there isn’t a fix yet, nor is there any real time frame for it. The good news is that you can limit the damage a potential attacker can cause you to almost zero with just a few easy steps.

Most Apple machines are set up with just one user that has full admin privileges and there is no limit to the damage that can be done when the admin user is infected. So the first step would be to set up a user for everyday tasks next to the admin account.

The easiest way to do this without having to redo all your configurations is to create a new user and give him admin rights. Then log into that new admin user and remove the admin rights from your day-to-day user. Done. You’ll have to provide the admin password when you want to make changes to the systems such as install software, but that’s a tiny hassle in return for the huge security improvement. This is also good advice for any user of Windows or Linux.

The second step you can take to protect your data in case of an infection is to use the Apple’s FileVault tool. This will encrypt the hard drive without a too big hit on the system performance. You might not even notice it, depending on which Mac you own.

“Normally there are ‘sudo’ password requirements, which work as a barrier, so the admin can’t gain root access without entering the correct password. However, rootpipe circumvents this,” said Emil Kvarnhammer.

Kvarnhammer said he found the bug while researching new flaws in Mac OS X for two presentation he had to do. By studying the code and trying to follow the same lines of thought the original programmer had, he discovered this new flaw. Truesec works with responsible disclosure and they have received a time-frame from Apple when they are allowed to tell us more about this flaw and how it works. This date wasn’t revealed either, but there is talk about a full-disclosure from Apple about the issue in January 2015. So the fix might not be an easy one, either that or they feel confident enough that no one else will find it before then.

Thanks to Macworld for providing us with this information 

Images courtesy of Macworld

Topics: , , , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

Check out our Latest Video

  • Be Social With eTeknix

  • Latest Video

  • Features

  • Poll

    AMD X570 or Intel Z390?

    View Results

Send this to a friend