Teenager Discovers Two Zero-Day OS X Exploits To Gain Remote Access To A Mac
Apple has found itself in hot waters lately in terms of security, with iOS and OS X both coming under fire from different security experts, claiming that Cupertino's walled security garden is not as tight as the company claims it to be. And now, a new report has surfaced, which is only adding more thorns to Apple's stiff security claims.
According to a report published by PCWorld, an 18-year-old, named Luca Todesco, was able to discover two new zero-day vulnerabilities in OS X, that can allow an ill-intentioned individual to gain remote access to a Mac, subsequently giving access to sensitive data to hackers. The exploit, details of which are available on GitHub, "uses two bugs to cause a memory corruption in OS X’s kernel."
Interestingly enough, the exploit has been patched in OS X 10.11 El Capitan, which is currently in beta and is due for release later this year. But, sadly enough, the exploit is present in OS X 10.9.5 all the way up to the current public release of OS X 10.10.5 Yosemite, which was released just last week to end users. The OS X 10.10.5 update patched a very critical security bug on its own that allowed ill-intentioned individuals to gain root access to a Mac, but the new zero-day exploits remain unpatched.
According to PCWorld:
The memory corruption condition can then be used to circumvent kernel address space layout randomization (kASLR), a defensive technique designed to thwart exploit code from running. The attacker then gains a root shell.
Apple is currently aware of this exploit, and the knowledge of the discovery has been conveyed to the Cupertino giant. Therefore, it's highly likely that Apple will push out a point update for its desktop operating system to patch things up. Apple itself, however, hasn't commented on the matter yet.
An unofficial patch, called NULLGuard, is available to download directly from GitHub. But, the creator of the patch also notes that he does not have a Mac developer certificate, hence distributing it in an easy way is not currently possible.
Like we mentioned before, Apple will definitely patch this exploit in no time, like it usually does. But given how things stand, we don't have an ETA for the patch's arrival just yet.
Apple has always taken pride in the fact that OS X is not susceptible to malware or viruses found on a Windows PC. But as we move forward, security researchers are digging deep inside OS X and we're seeing more and more security vulnerabilities surface on a bi-weekly basis.
Let's just hope Apple patches the latest exploit as soon as possible.