OS X Security Alert: Hackers Can Gain Access To Your PC, No Password Needed!
Hello everyone, how are you all doing today? I am doing alright. Most of you probably noticed that yesterday our server had some issues that continued until this morning. Our server where this site is hosted had some issues with some memory leaks, most likely some script is causing a issue but I am working on finding out what is going on. Things are fine though, you won’t notice anymore downtime regardless. Anyway, read on…
Today we will let you know about a scary Mac OS X security exploit that has been discovered in the latest OS X Yosemite that was released a few days ago. This does NOT effect those of you on OS X El Capitan.
We will partially quote this news from Engadget.com’s article, who were among the first to report this.
“The latest version of OS X Yosemite contains a serious flaw that hackers can use to attack your computer without ever needing your password. The issue is around a hidden document — Sudoers — which is effectively a list of permissions as to which pieces of software are allowed to mess around with your computer. Unfortunately, a change to how Yosemite stores the list means that it’s now possible to add malware to the register. As such, if you inadvertently run an offending script, hackers can take advantage of your computer’s unwitting hospitality to install crapware like VSearch and MacKeeper.
The vulnerability was discovered by old-school iOS jailbreaker Stefan Esser who, according to MalwareBytes, is accused of publicly revealing the flaw before telling Apple. That’s a big faux pas in the security community, with Google going toe-to-toe with Microsoft about revealing as-yet un-patched flaws that have a real risk of harming users.
Esser has offered-up his own kernel extension that could protect your machine against such attacks, which can be downloaded here. As Ars Technica says, however, installing a patch that didn’t come from the original developer can be a risky business and you should do so only if you know what you’re doing. Naturally, we’ve reached out to Apple in the hope of getting some official comment on when a patch will be released, but the company had yet to respond at the time of publication.
Update: Stefan Esser now believes that the particular hole has been closed in the beta version of OS X 10.10.5. In addition, people familiar with the matter have told us that the company is being proactive behind-the-scenes to ensure that its customers are protected.”
Quick Links: Search iTunes App Store Without iTunes | Top 5 Microsoft Office Alternatives On Mac OS X | Top 5 iTunes Alternatives On Mac | Top 5 Photoshop Alternatives On OS X | Top 5 BitTorrent Apps On OS X | Top 5 Mobile Device Management Apps | Spoof Your MAC Address On Mac OS X | How To Easily Upgrade OS X Server | Download Black Girl Wallpapers | Download Rolex Watch Wallpapers
Apple’s Post Of The Day: Remote Desktop Apps For Mac OS X