Apple set to patch zero-day flaw in Mac OS X software

Apple fixing security bug in Mac OSX — Apple will issue a patch for the bug which allows a hacker to gain root permission without a password Apple

Apple will patch a serious security vulnerability in its Mac OS X software that can allow hackers gain complete control of a victim's computer.

First made public at the end of July by security researcher Stefan Esser – without first reporting it to Apple – the "privilege escalation" bug is now being actively exploited by hackers to infect victims' Macs and MacBooks with adware.

The use of the vulnerability by hackers – discovered by researchers at Malwarebytes this week – has seemingly pushed Apple into action, with the Guardian reporting on Wednesday (5 August) that the iPhone maker will issue a patch for the bug which allows a hacker to gain root permission without the need for a password.

The Guardian claims Apple has already "taken interim measures to prevent further exploitation of the vulnerability, including revoking the credentials of developers who use it, and including any app which does so on the company's regularly updated list of malware".

The hackers were found to be exploiting the vulnerability use it to install versions of VSearch and Genio adware, alongside a copy of the controversial MacKeeper app. The result is victims are subjected to constant pop-up adverts while online searches will be redirected to generate revenue for the attackers.

Unpatched

The so-called DYLD vulnerability discovered by Esser is currently unpatched in Mac OS X Yosemite, but oddly the company has patched it in the beta version of Mac OS X El Capitan which some Apple customers are testing ahead of the final release next month.

The vulnerability relates to a new error-logging system Apple introduced in Mac OS X Yosemite and while privilege escalation bugs are not considered as critical as remote code execution vulnerabilities, they are still very serious.

It's been a bad week for Apple and its cybersecurity credentials, as researchers have also revealed a updated version of the Thunderstrike attack which allows hackers to spread malware using a worm which infects Macs through accessories plugged into the Thunderbolt port.

However, while the Thunderstrike 2 bug does allow hackers to rewrite your Mac's firmware and remain on a system even after you wipe your hard drive and reinstall the operating system, it is still seen as less of a threat than the DYLD bug as it has already been partially patched and is limited to Thunderbolt accessories which are themselves limited in number.