Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Apple Mac OS X Vulnerability Allows Attackers to Hack your Computer


  • Please log in to reply
10 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 11,728 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:50 AM

Posted 23 July 2015 - 05:39 AM

 

A security researcher has discovered a critical vulnerability in the latest version of Apple's OS X Yosemite that could allow anyone to obtain unrestricted root user privileges with the help of code that fits in a tweet.
 
The privilege-escalation vulnerability initially reported on Tuesday by German researcher Stefan Esser, could be exploited by to circumvent security protections and gain full control of Mac computers.
 
The most worrying part is that this critical vulnerability is yet to be fixed by Apple in the latest release of its operating system.
 
 

This could make it easier for hackers to surreptitiously infect Macs with rootkits and other types of persistent malware. Thanks to an environment variable DYLD_PRINT_TO_FILE Apple added to the code of OS X 10.10 Yosemite.
 
Apple Mac OS X Vulnerability Gives Full Control of your Mac
 
This environment variable specifies where in the file system an operating system component called the OS X dynamic linker dyld can log error messages.

 

 

Apple Mac OS X Vulnerability Allows Attackers to Hack your Computer

BC AdBot (Login to Remove)

 


m

#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:50 PM

Posted 23 July 2015 - 06:06 AM

Apple actually fixed the vuln in the next release, not the current one.

And the exploit is short enough to fit into a tweet :P

#3 TheJokerz

TheJokerz

  • Members
  • 271 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:08:50 AM

Posted 23 July 2015 - 06:38 AM

:hysterical:  I find it funny that most people that have apple products think that they are safe and nothing can happen to them!  This just furthers my dislike of apple.



#4 dante12

dante12

  • Members
  • 193 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 PM

Posted 23 July 2015 - 02:16 PM

yet another troll who has nothing to say

 

 

You're a  century behind this is not more the actually attitude

 

Because the XPC Framework is deeply integrated in the Mac OS X this fix will only the newest Version above 10.10.3. For older Versions there is on gibhub a patch read this Article for details 

 

:hysterical:  I find it funny that most people that have apple products think that they are safe and nothing can happen to them!  This just furthers my dislike of apple.

 

 



#5 TheJokerz

TheJokerz

  • Members
  • 271 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:08:50 AM

Posted 23 July 2015 - 02:25 PM

yet another troll who has nothing to say

 

 

You're a  century behind this is not more the actually attitude

 

Because the XPC Framework is deeply integrated in the Mac OS X this fix will only the newest Version above 10.10.3. For older Versions there is on gibhub a patch read this Article for details 

 

:hysterical:  I find it funny that most people that have apple products think that they are safe and nothing can happen to them!  This just furthers my dislike of apple.

 

 

 

Sorry but I am not a troll..  You do not have to get all butt sore because I am bashing on crapple.  I simply was stating that most people that I know that have a apple device think that they are invincible.  There OS may be for the most part bullet proof, I still find it funny when people find flaws in there proprietary OS. 

 

So I apologize if I hurt your feelings.



#6 softeyes

softeyes

  • Members
  • 1,351 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:50 AM

Posted 23 July 2015 - 07:59 PM

LOL ** I tend to like "all" flavors, vegetables and fruits in the computing world. Once I realized the guts of a Mac was basically a PC, with just another OS on the drive, I had my own chuckle.  IMO I do believe that for quite some time the good ol' Apple OS was a bit less vulnerable to viruses/malware or spam.

 

Why?  In a large way those that could afford Apple computers weren't savvy to write the muck that causes such distress as we have now. The worst case for me were students who loved to move the hard drive in the trash!  Grrr.

 

Then...iPod, iPads and other Apple product has fallen into the hands of the younger clever thinking sort, feeling it's fun to hack and create a mess!

No different than a PC.  I am not able to offer any thoughts on Ubuntu or Linux flavors (one day!)

 

My stance now:  I don't care what OS lives in any device, everything is subject to harm.

 

:warrior:



#7 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 5,959 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:50 PM

Posted 24 July 2015 - 06:43 PM

It's a matter of market share and return on investment. When 98% of the world's personal computers ran on Windows it wasn't worth anybody's while to write malware for Apple computers. Now that apple have a market penetration of about 10%, it is.

 

However, in this case it sounds like a wide open hole left in the OS. It has happened before, it will happen again. After all if you rely on systems designed by people, you can rely on people getting it wrong at least some of the time. Yes, I know that's what you have QA for, but quality assurance is run by people as well !

 

Chris Cosgrove



#8 dante12

dante12

  • Members
  • 193 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 PM

Posted 25 July 2015 - 12:40 AM

 

So I apologize if I hurt your feelings.

 

 

I don't feel aggrieved  :apple:

You must not apologized to me and of course I hope that my arguments not hurt your feelings. The meaning of the apple environment has changed years ago. Many think about privacy and security to make the apple system secure. Also the meaning that you don't need any security solution differs. The Complexity of the operating Systems makes it impossible to check how secure your own system is. By the way a human stands behind any development environment.

Therefore errors and mistakes are preprogrammed.    

 

 

My stance now:  I don't care what OS lives in any device, everything is subject to harm.

 

:warrior:

 

:thumbup2:



#9 NickAu

NickAu

    Bleepin' Fish Doctor

  • Topic Starter

  • Moderator
  • 11,728 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:50 AM

Posted 25 July 2015 - 01:03 AM

 

softeyes, on 24 Jul 2015 - 10:59 AM, said:snapback.png

 

My stance now:  I don't care what OS lives in any device, everything is subject to harm.

:thumbup2:



#10 IngridAngis

IngridAngis

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:50 AM

Posted 27 July 2015 - 12:40 AM

They shouldn't be offering Yosemite.   They should wait until all the bugs are ironed out so they're not just walking all over their users.



#11 JayJax

JayJax

  • Members
  • 676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lee's Summit Missouri
  • Local time:07:50 AM

Posted 17 August 2015 - 08:25 PM

:hysterical:  I find it funny that most people that have apple products think that they are safe and nothing can happen to them!  This just furthers my dislike of apple.

Well for a while we were safe or safer - not  anymore

 

I HATE APPLE TOO - they are so anally retentive with their passwords I have about 8 and none ever work so I get another to add on) but its never easy always a pain in the @$$


Edited by JayJax, 17 August 2015 - 08:27 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users