Posted by: David Harley | April 21, 2015

Yosemite and Rootpipe

Further to my recent blog on “That OS X Backdoor…”: I mentioned there that the vulnerability flagged by Emil Kvarnhammar (“Hidden backdoor API to root privileges in Apple OS X”) had been fixed in an update to Yosemite, but that earlier versions of OS X would not be patched.

Today, The Register followed up on its report on the issue with an article headlined “OS X Yosemite still open to Rootpipe backdoor, warns ex-NSA bod”. Synack’s Patrick Wardle, who presented an interesting paper at Virus Bulletin 2014 on “Methods of malware persistence on Mac OS X”, has announced that:

I found a novel, yet trivial way for any local user to re-abuse rootpipe – even on a fully patched OS X 10.10.3 system. In the spirit of responsible disclosure, (at this time), I won’t be providing the technical details of the attack (besides of course to Apple). However, I felt that in the meantime, OS X users should be aware of the risk.

According to Shaun Nichols’ article for The Register, Apple has not so far been available for comment.

David Harley
Small Blue-Green World

