A 15 year-old MacOS security flaw allows any user root access

A “hobbyist hacker” who calls themselves Siguza on Twitter has posted the details of a security flaw in MacOS that allows any user on a machine to become the super administrator, or root, WccfTech reported[1]. According to the report, the bug is a local privilege escalation vulnerability in an extension of the macOS kernel called IOHIDFamily. The vulnerability lets an attacker install a root shell or execute arbitrary code, and appears to be able to disable System Integrity Protection and Apple Mobile File Integrity, which guard against malware.

Siguza said that the flaw has been around for at least 15 years and all versions of MacOS are affected. Responding to criticism for not reaching out to Apple, the hacker explained that there is nothing to fear unless you are in a situation where an attacker might have physical access to your machine. They also said that Apple has been in contact with them and is working on a patch.

Yeah, I know.

But they have actually been very few, and most of them seemed to be looking for a serious debate, so I’m just trying to give them that.

The overwhelming majority of responses have been positive, and Apple engineers themselves don’t seem too sad about it…

— Siguza (@s1guza) January 1, 2018[2]

Now read: Apple releases patch for macOS High Sierra security flaw[3]

References

  1. ^ WccfTech reported (wccftech.com)
  2. ^ January 1, 2018 (twitter.com)
  3. ^ Apple releases patch for macOS High Sierra security flaw (mybroadband.co.za)

Leave a Reply

Your email address will not be published. Required fields are marked *