Attacker could gain root privileges for years on OS X




OS X contained a bug that each user could gain root access to a system. The bug, which was patched this week, could be exploited by a local attacker or in combination with other exploits that give users access to a system.

Apple logo According to security researcher Emil Kvarnhammar who came vulnerability on the track, was the vulnerability since 2011 in OS X. Only this week he was patched, but only for users of Yosemite; Users of older versions remain vulnerable. Kvarnhammar speaks a backdoor that allows each user could gain root access on an OS X system.

According Kvarnhammar involves a hidden api, which is probably meant for the applications settings of OS X. In practice, however, could also be other processes through vulnerability root access on an OS X system, allowing a user or process with normal privileges it could as well. This applies both for admin accounts as ‘normal’ users.

The bug is not enough to crack a remote system. Attackers who have already gained access to, however, an OS X system using a different exploit the vulnerability can be used for root access and thus enhance their capacities. Also, get a local limited user full control over the system.


In: Technology & Gadgets Asked By: [15484 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »