Posted by: David Harley | August 4, 2015

DYLD_PRINT_TO_FILE exploit

More on the Yosemite 0-day mentioned here, now appearing in an exploit near you….

  • Thomas Reed, writing on behalf of Malwarebytes, explains the DYLD_PRINT_TO_FILE exploit found in the wild after the company's Adam Thomas “discovered a new adware installer, and while testing it, he discovered something very strange: his sudoers file had been modified!” As Thomas Reed points out:
    …there is no good way to protect yourself, short of installing Esser’s software to protect against the very flaw that he released into the hands of hackers worldwide, which introduces some serious questions about ethics and conflict of interest.

The good news is that anti-malware seems to be detecting samples making use of the exploit already.

David Harley

 
