Despite having issued an update that patches the recent security flaw in OS X called “rootpipe,” security researchers are demonstrating that OS X is still open to this ongoing vulnerability. Rootpipe is a backdoor flaw in OS X where a hacker can break the OS X sandboxing rules that isolate running processes. In doing so, a program that does not have admin access can gain these privileges and get full root privileges to the system. Continue reading
Tag Archives: rootpipe
Latest OS X security updates fix ‘Rootpipe’ vulnerability
One recent security flaw in Apple’s Mac OS platform that gained some press recently was the Rootpipe vulnerability, where security researcher Emil Kvarnhammer found a method of hacking a Mac that could bypass OS X’s security and allow the hacker to gain full administrative control of the system. This issue, which took advantage of faulty entitlements for XPC processes (small tools launched on the behalf of an application to take on workloads and spread the risk of a crash from affecting the main application), allowed a developer to break the sandboxing rules in OS X. Continue reading
How to protect OS X from the “rootpipe” vulnerability
A relatively long-standing vulnerability in OS X has been uncovered by a Swedish hacker, Emil Kvarnhammar, who has dubbed it “rootpipe” by the so-far undisclosed method in which it can be used to take control of your Mac. In this vulnerability, a flaw allows a hacker to gain administrative access of a system without supplying a password, and then be able to interact with your Mac as an administrator. Continue reading