A new zero-day flaw that could give hackers root access to Apple Macs has been discovered by 18-year-old Italian security researcher Luca Todesco.
But Todesco has run into heavy criticism forrevealing the bug on GitHub last Sunday without giving Apple time to patch it. Others in the industry have leapt to his defence, blaming Apple in turn for failing to offer vulnerability researchers bug bounty rewards.
Todesco says that the privilege escalation flaw is a threat to Mac users running OS X Yosemite and Mavericks versions 10.10 and 10.9, but not the latest El Capitan version 10.11 which is in beta test.
The bug in Apple’s IOKitLib interface code allows hackers to exploits a flaw in the way OS X manages NULL pointers in programs to inject their own malicious code.
Symantec has independently analysed Todesco’s proof-of-concept and confirmed the bug exists, saying in a 17 August blog: “The exploit uses two different vulnerabilities to create a memory corruption in the OS X kernel. This is then used to bypass security features that block exploit code from running, providing the attacker with root access.”
View full story