Unpatched macOS Security Hole

Wednesday, January 3, 2018 @ 12:01 PM gHale

There is a vulnerability in the macOS which could also include the latest version that released December 6.

The vulnerability, discovered by a researcher that goes by the name of Siguza, could allow an attacker to gain root access and take control of a system. The catch is the attacker would need local access to the computer to execute arbitrary code.

Apple Patches KRACK Hole
Apple Releases OS Fix
Apple Patches KRACK Holes
Mac Backdoor Released by Media Player

The local privilege escalation vulnerability ended up found after Siguza started inspecting the iOS kernel for security flaws, only to discover the glitch in an extension of IOHIDFamily called IOHIDSystem that’s exclusively used on macOS. That component is a requirement for human interface devices (HID).

The exploit ends up triggered when the system logs out, such as during reboots or shutdowns, with certain security features of the OS being disabled, including System Integrity Protection (SIP) and Apple Mobile File Integrity (AMFI), Siguza said in a post.

The vulnerability has been around since 2002 and the reason he did not inform Apple first was because its bug bounty program does not include LPE flaws for macOS.

“One tiny, ugly bug. Fifteen years,” Siguza said. “Full system compromise.”

Apple will ship a patch for this vulnerability shortly.

Leave a Reply

You must be logged in to post a comment.