Exploit released for Mac OS X flaw

Computer code that exploits a flaw in Apple Computer's Mac OS X was released over the weekend.

The code takes advantage of a weakness in core parts of Mac OS X and could let a user gain additional privileges. Apple provided a fix for the error-handling mechanism of the kernel last week, but the exploit appears to have been authored before then.

"It appears to have been written well before the vulnerability was fixed," said Dino Dai Zovi, a researcher with Matasano Security who was credited by Apple with discovering the flaw when the patch was released. "It appears to be a zero-day exploit and may have been distributed before the patch was released."

Apple representatives did not immediately return calls for comment.

Public exploits, while common for Microsoft's Windows, are a rarity for Mac OS X. "More people are looking for vulnerabilities in Mac OS X," Dai Zovi said.

The vulnerability could be exploited by a local attacker or someone with privileges to remotely log-on to a machine. Macs that are used by multiple people as well as servers with remote access capabilities are most at risk, experts said. A user with limited privileges could exploit the flaw to possibly gain full system access.

"The risk presented by this exploit is limited by the fact that it can only be exploited by a logged-in user, although the user may also be logged in remotely," Dai Zovi said. "The issue is also mitigated by the fact that a patch has already been released."

MacOS X by default checks for updates weekly, which means most Mac OS X systems will not be vulnerable much longer.

The exploit as it was publicly released does not do anything destructive; instead it runs the "/usr/bin/id" utility to show that the user enjoys full administrator privileges.

"I can then make it do anything I want," said Matthijs van Duin, creator of the exploit. "An ill-intended person with at least some skill could modify it to spawn a root shell."

Dai Zovi agreed, a knowledgeable user can easily replace or modify the exploit payload to run a full-access root shell, he said.

Talkback 0 comments

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • Brad Howarth The key Topik is always money
    One of the big problems of the internet is that is practically impossible to keep up-to-date on preferred topics. You can limit your sources, but this can mean missing a lot of valuable data.
  • Array Do we need the legislative blackmail?
    Virtually everyone in the telecommunications industry has their say in the Senate Standing Committee's public hearing into the pending legislation to split up Telstra, in this week's Twisted Wire podcast.
  • Array Give Tax a break for a Change
    Considering the circumstances the Australian Taxation Office's (ATO) Change Program has been operating in over the last few years, it really hasn't been going too badly.
  • More blogs »

Tags

  1. 57 articles are tagged with accenture
  2. 236 articles are tagged with acquisition
  3. 39 articles are tagged with afact
  4. 140 articles are tagged with ato
  5. 47 articles are tagged with bittorrent
  6. 1301 articles are tagged with broadband
  7. 60 articles are tagged with cepu
  8. 250 articles are tagged with conroy
  9. 391 articles are tagged with copyright
  10. 44 articles are tagged with david thodey
  11. 514 articles are tagged with dell
  12. 9 articles are tagged with feed
  13. 1040 articles are tagged with google
  14. 1029 articles are tagged with government
  15. 787 articles are tagged with hp
  16. 1299 articles are tagged with ibm
  17. 218 articles are tagged with iinet
  18. 5 articles are tagged with iitrial
  19. 114 articles are tagged with legislation
  20. 13 articles are tagged with longhaus
  21. 33 articles are tagged with michael malone
  22. 1474 articles are tagged with microsoft
  23. 30 articles are tagged with mike quigley
  24. 50 articles are tagged with minchin
  25. 1123 articles are tagged with mobile
  26. 356 articles are tagged with mobile phone
  27. 37 articles are tagged with national australia bank
  28. 208 articles are tagged with national broadband network
  29. 378 articles are tagged with nbn
  30. 196 articles are tagged with new zealand
  31. 27 articles are tagged with nick minchin
  32. 716 articles are tagged with oracle
  33. 101 articles are tagged with retail
  34. 53 articles are tagged with senate
  35. 66 articles are tagged with separation
  36. 1291 articles are tagged with software
  37. 176 articles are tagged with stephen conroy
  38. 57 articles are tagged with strike
  39. 27 articles are tagged with supply chain
  40. 174 articles are tagged with sydney
  41. 60 articles are tagged with telecom nz
  42. 2426 articles are tagged with telstra
  43. 133 articles are tagged with tender
  44. 23 articles are tagged with thodey
  45. 48 articles are tagged with twitter
  46. 109 articles are tagged with union
  47. 170 articles are tagged with victoria
  48. 200 articles are tagged with video
  49. 2 articles are tagged with win7au
  50. 88 articles are tagged with windows 7

Back to top

Featured