Researcher discovers new privilege escalation Zero-day in OS X Yosemite including v10.10.5
August has been raining zero-days, vulnerabilities and flaws. We had countless vulnerabilities discovered in Android. Apple too had its share with a serious zero-day vulnerability in Apple’s OS X 10.10 Yosemite operating system. The DYLD exploit allowed attackers to install malware and adware without the need for administrative privileges.
Apple moved quickly and released a patch for the DYLD_PRINT_TO_FILE vulnerability with a new OS X point release. However, Italian talian developer Luca Todesco has discovered a new zero-day vulnerability in the Mac OS X 10.10 Yosemite operating system, affecting all available updates, including the recently released v10.10.5.
The exploit which is given on GitHub page here, relies on a combination of attacks including a null pointer dereference in the I/O Kit open-source framework that lets developers write device drivers for Apple’s OS X and iOS operating systems, for dropping a proof-of-concept payload into a root shell. Todesco says that the vulnerability may have been mitigated in OS X El Capitan, due to its new “rootless” security feature.
The new zero-day exploit also lets attackers gain root access to the target Mac computer running either of the OS X 10.10, 10.10.1, 10.10.2, 10.10.3, 10.10.4, or 10.10.5 operating systems without using a password, according to Mr. Todesco.
Macs still vulnerable as Apple doesnt know about the vulnerability
For some reasons Todesco has not informed Apple about this vulnerability and decided to make it public, knowing that cyber criminals can exploit it for malicious purpose. So as of the time of writing this article Macbooks across the world are vulnerable to this Zero-day.
Apple is hoped to take cognizance about this Zero-day and release a patch ASAP as it did with the DYLD vulnerability less than a month after disclosure.
Till then if you own a Macbook or iMacs, please be careful about who you allow around your PC or Laptop.