440 Felstead Road, Northriding
Johannesburg, South Africa
+27 11 066 2919
+27 76 946 0258

A 15 year-old MacOS security flaw allows any user root access

A “hobbyist hacker” who calls themselves Siguza on Twitter has posted the details of a security flaw in MacOS that allows any user on a machine to become the super administrator, or root, WccfTech reported.

According to the report, the bug is a local privilege escalation vulnerability in an extension of the macOS kernel called IOHIDFamily.

The vulnerability lets an attacker install a root shell or execute arbitrary code, and appears to be able to disable System Integrity Protection and Apple Mobile File Integrity, which guard against malware.

Siguza said that the flaw has been around for at least 15 years and all versions of MacOS are affected.

Responding to criticism for not reaching out to Apple, the hacker explained that there is nothing to fear unless you are in a situation where an attacker might have physical access to your machine.

They also said that Apple has been in contact with them and is working on a patch.

Now read: Apple releases patch for macOS High Sierra security flaw

Source link


Reviewed by on

Rating: 8.7 out of 10

%d bloggers like this: