Serious OS X Yosemite Vulnerability Discovered

Emil Kvarnhammar, a hacker at Swedish security firm Truesec, calls the vulnerability “rootpipe” and has explained how he found it and how you can protect against it. It’s a so-called privilege escalation vulnerability, which means that even without a password an attacker could gain the highest level of access on a machine, known as root access. From there, the attacker has full control of the system. It affects the newest OS X release, version 10.10, known as Yosemite. Apple hasn’t fixed the flaw yet, he says, so Truesec won’t provide details yet of how it works.

9 Comments

  1. 2014-11-04 4:06 am
    • 2014-11-04 10:00 am
      • 2014-11-05 5:57 am
  2. 2014-11-04 4:11 am
  3. 2014-11-04 10:00 am
    • 2014-11-04 1:01 pm
    • 2014-11-04 4:43 pm
    • 2014-11-04 4:43 pm
      • 2014-11-04 5:58 pm