OS X Bug Exploited To Infect Macs Without Need For Password

Posted by Soulskill on Tuesday August 4, 2015 @06:20PM from the sooner-or-later dept.

An anonymous reader writes: A new flaw has been discovered in the latest version of OS X which allows hackers to install malware and adware onto a Mac without the need for any system passwords, researchers say. The serious zero-day vulnerability was first identified last week and results from a modified error-logging feature in OS X Yosemite which hackers are able to exploit to create files with root privileges. The flaw is currently found in the 'fully patched' OS X 10.10.4, but is not in the newest 10.11 El Capitan beta – suggesting that Apple developers were aware of the issue and are testing a fix.

2 of 127 comments (clear)

Min score:

Reason:

Sort:

Re:Better link by Plumpaquatsch · 2015-08-05 00:55 · Score: 1, Interesting

He also provides a fix, so you don't have to wait on Apple while your machines are vulnerable.
Yeah, installing a binary-only fix from a security researcher who says "Responsible disclosure is for pussies" - what could go wrong.

--
Of course news about a fake are Fake News.
There are other similar exploits by Anonymous Coward · 2015-08-05 01:16 · Score: 0, Interesting

There's been an ability to execute root privileges in all *nix for years and it's still unpatched. This isn't news.