How to bypass the system password of a Mac using the latest "DYLD_PRINT_TO_FILE" exploit



A new zero-day vulnerability has been found in the latest Mac OS X, following the "DYLD_PRINT_TO_FILE" local privilege escalation vulnerability in the earlier Mac OS X 10.10 release. According to researchers at anti-malware firm Malwarebytes, the new vulnerability allows attackers to bypass the Mac's system password and install malware on the system. The cause is that developers didn't use standard safeguards when making additions to the OS X dynamic linker, dyld, a failure that lets attackers open or create files with root privileges anywhere in the OS X file system. This vulnerability is similar to the one discovered by German researcher Stefan Esser last week.

How to bypass the system password of a Mac?


Researchers from anti-malware firm Malwarebytes said a new malicious installer is exploiting the vulnerability to sneakily infect Macs with several kinds of adware, including VSearch, a variant of the Genieo package, and the MacKeeper junkware. Malwarebytes researcher Adam Thomas came upon the exploit when he found that the installer had changed the sudoers configuration file. Changing this configuration file allows the attackers to access the Mac system without credentials and install the exploit.
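Because the change described above lands in the sudoers file, auditing that file for rules that skip the password prompt is a direct check. The following Python sketch is an added example, not code from Malwarebytes or from the original post; the function names and the sample sudoers text are constructed for illustration.

```python
import re

# Constructed sample sudoers content (not the text the researchers published).
SAMPLE_SUDOERS = """\
# constructed sample sudoers content
Defaults env_reset
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
ALL ALL=(ALL) \\
    NOPASSWD: ALL
builder ALL=(root) NOPASSWD: /usr/bin/make
Defaults:deploy !authenticate
"""

def logical_lines(text):
    """Yield (first_line_no, rule) with backslash continuations joined.
    Lines starting with '#' are skipped, so #include files are not followed."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = num
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        line, first = " ".join((buf + raw).split()), start
        buf, start = "", None
        if line and not line.startswith("#"):
            yield first, line

def find_passwordless_rules(text):
    """Return (line_no, severity, rule) for every rule that disables the password prompt."""
    findings = []
    for num, line in logical_lines(text):
        if line.startswith("Defaults"):
            # '!authenticate' turns off password checks for the scope of the Defaults entry.
            if re.search(r"(^|[\s,])!authenticate\b", line):
                scope_all = line.split()[0] == "Defaults"
                findings.append((num, "critical" if scope_all else "review", line))
        elif re.search(r"\bNOPASSWD\s*:", line):
            user = line.split()[0]
            commands = re.split(r"NOPASSWD\s*:", line)[-1].strip()
            wide_open = user == "ALL" and commands == "ALL"
            findings.append((num, "critical" if wide_open else "review", line))
    return findings

if __name__ == "__main__":
    for num, severity, rule in find_passwordless_rules(SAMPLE_SUDOERS):
        print(f"line {num}: [{severity}] {rule}")
```

To audit a real system, pass the function the contents of `/etc/sudoers` and of each file under `/etc/sudoers.d`, read with root privileges.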

Changes made to the sudoers file to gain root permission using a Unix shell

Security researchers also published the modified code, which allows root access to be gained on a Unix system. The researchers published the code in a blog post.

A snippet of the code is given below:



Privilege escalation vulnerabilities have become increasingly important to hackers in an age of security sandboxes and other exploit mitigations. Attackers will often combine an attack that exploits a vulnerability in the OS kernel with a separate information-disclosure or privilege-elevation bug that allows the first exploit to bypass the protection measures.

The dyld flaw works in version 10.4 of Mac OS X but does not work in the latest version, Mac OS X 10.11. This indicates that Apple's developers know about the vulnerability. Until Apple fixes the bug, Mac users don't have any good options. One is to install a patch Esser created. While Esser is a respected security researcher and software developer, many people disapprove of updates that are not explicitly sanctioned by the official developer. Readers are advised to investigate Esser's patch thoroughly before installing it.