By Russell Holly.
If you’re running the latest version of Mac OS X, you should avoid running your computer with admin privileges for a little while. A White Hat security researcher has discovered a security vulnerability he calls “rootpipe,” and currently Apple has no fix date for the issue.
The nastiest kinds of exploits on any OS are the ones that grant someone access to the root of the OS without permission. It’s the kind of vulnerability that guarantees whoever is trying to access your system that any data stored on your phone belongs to them, and in many cases this kind of access is granted without the user even knowing what is going on. These exploits are often referred to as privilege escalation vulnerabilities, and security researcher Emil Kvarnhammar claims to have found on on OS X Yosemite.
While Kvarnhammar is not yet ready to show off how this exploit happens, he has assured everyone that Apple is aware of the problem. Apple has yet to publicly acknowledge this issue, because Apple basically never acknowledges exploits before they have been fixed, but there’s currently no ETA for a fix. Emil Kvarnhammar has confirmed that this exploit is not limited to Yosemite, but it doesn’t work on version 10.9. If you’re running Mavericks you should have no problems, but if you are running the most recent version of OS X or a version prior to Mavericks you are vulnerable to this exploit.
This exploit is not scheduled for full disclosure until January, and while that means not many people know about the exploit, it also means you’re exposed until Apple updates against rootpipe. In the meantime, the best way to protect yourself is not to use an account with admin privileges. This means users who only have one account on their MacBook should create a second account, remove admin privileges from that account, and only use that limited account for now. It’s also not a bad idea, according to Kvarnhammar, to use Apple’s FileVault tool to encrypt your hard drive.
No comments:
Post a Comment