A zero-day vulnerability in OS X Yosemite has been exploited in the wild, and it's a doozy. According to Malwarebytes, a script that exploits the vulnerability can give a user root privileges without the need for a password prompt, which then allows malware running under that user's account to do untold harm to a vulnerable Mac.
OS X (as well as other *nix operating systems) maintains a list of users who can access root privileges, called sudoers. The script in question uses the vulnerability, called DYLD_PRINT_TO_FILE, to modify the sudoers file to grant those users root permissions without being prompted for a password. Once the script modifies the sudoers list, it's free to do whatever root-level actions sudoers allows without the victim seeing any password prompts.
Malwarebytes researcher Adam Thomas found that this issue is being exploited in the wild. An app called VSInstaller uses the vulnerability to make the required modifications to sudoers before installing one or more potentially-unwanted programs without any prompts. To cover its tracks, the script then deletes itself and performs an innocuous action, like opening the page for an unrelated app on the Mac App Store.
Stefan Esser, the iOS-jailbreak developer known as i0n1c, blogged about the exploit without notifying Apple. Fortunately, a separate researcher had already discovered the issue and notified Apple, so the Mac maker wasn't caught completely by surprise. Esser has provided a fix of his own, but Malwarebytes seems skeptical of both the update and Esser's motives.
Apple has not yet patched the vulnerability. Hopefully, with adware exploiting this hole in the wild, the company will move to squash it quickly.
|TR's 2017 Christmas giveaway: goodies from MSI, Antec, and OCZ||14|
|VESA DisplayHDR attempts to demystify HDR-capable monitors||14|
|BenQ EW277HDR brings HDR10 in reach of mere mortals||5|
|Intel Pentium Gold chips now have Silver siblings||25|
|Acer ProDesigner PE320QK is big on size and color accuracy||2|
|Thermaltake's Nemesis Switch has enough buttons for all your macros||17|
|Zotac Gaming MEK1 PCs have the requisite pieces of flair||9|
|Toshiba's latest hard drives store 14 TB without shingles||66|
|Friday deals: a motherboard trio, a cheap CLC, and a rodent||11|