Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Tweet-Sized Exploit Can Get Root On OS X 10.10

Posted by timothy on from the special-circumstances dept.

vivaoporto writes: The Register reports a root-level privilege-escalation exploit that allows one to gain administrator-level privileges on an OS X Yosemite Mac using code so small that fits in a tweet. The security bug, documented by iOS and OS X guru Stefan Esserwhich, can be exploited by malware and attackers to gain total control of the computer. This flaw is present in the latest version of Yosemite, OS X 10.10.4, and the beta, version 10.10.5 but is already fixed in the preview beta of El Capitan (OS X 10.11) Speaking of exploits: Reader trailrunner 7 notes that "HP’s Zero Day Initiative has released four new zero days in Internet Explorer that can lead to remote code execution."

4 of 130 comments (clear)

  1. See..... by 8127972 · · Score: 4, Funny

    Twitter is bad for you. At least if you're a Mac user.

    --
    This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
  2. Oh ffs. by Harold+Halloway · · Score: 5, Funny

    Well done. You realise that this story will be reported in tomorrow's Daily Mail as 'Twitter Steals Apple Users' Bank Details'?

  3. Re:Misleading and Hyperbolic Title/Comparison by OzPeter · · Score: 4, Funny

    A lot of security exploits could fit within a tweet, but I've never seen that comparison before.

    You're right .. they should have specified it in pico Libraries of Congress. At least that's a unit of measurement that most people here would understand.

    --
    I am Slashdot. Are you Slashdot as well?
  4. Re:Misleading and Hyperbolic Title/Comparison by Galaga88 · · Score: 4, Funny

    You're right .. they should have specified it in pico Libraries of Congress. At least that's a unit of measurement that most people here would understand.

    So says you. I'm working on a patch for ext4 right now to display file sizes in kilotweets, megatweets, and teratweets.