Title: tpwn OS X exploit: What you need to know Post by: HCK on August 18, 2015, 03:00:22 pm tpwn OS X exploit: What you need to know
<div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p><a href='http://www.imore.com/tpwn-os-x-exploit-what-you-need-know' title="tpwn OS X exploit: What you need to know"><img src='http://www.imore.com/sites/imore.com/files/styles/large_wm_blw/public/field/image/2014/11/13-inch-macbook-pro-bbedit-hotel-hero.jpg?itok=eCnashzg' />[/url]</p> <p>tpwn is a vulnerability that affects OS X 10.9.5 Mavericks through OS X 10.10.5 Yosemite, but does not affect the currently-in-beta OS X 10.11 El Capitan. With tpwn, malicious code on your Mac could escalate its privileges—gain "root" access—and potentially exploit the system. The vulnerability was released without warning—also known as a 0day—and without prior disclosure to Apple. That means Apple learned about it pretty much when the rest of the world did. <!--break--></p> <h2>What does tpwn do?</h2> <p>tpwn is a privilege escalation exploit, which means, to use a bad analogy, it's like a thief that can't break into your house by itself. It needs help to get in. Once in, however, it can break open your safe and rummage around. The vulnerability was disclosed on GitHub (https://github.com/kpwn/tpwn), and Macworld (http://www.macworld.com/article/2971772/security/italian-teen-finds-two-zeroday-vulnerabilities-in-os-x.html) followed up with the researcher to get the specifics:</p> <p>The exploit uses two bugs to cause a memory corruption in OS X's kernel, he wrote via email.</p> <p>The memory corruption condition can then be used to circumvent kernel address space layout randomization (kASLR), a defensive technique designed to thwart exploit code from running. The attacker then gains a root shell.</p> <p>The exploit code works in OS X versions 10.9.5 through 10.10.5. It is fixed in OS X 10.11, the beta version of the next Apple OS nicknamed El Capitan.</p><h2>Has Apple patched the problem?</h2> <p>Apple learned about the problem a couple of hours before the rest of the world so it will take the company some time to develop, test, and push out a patch for Mavericks and Yosemite.</p> <p>It is, however, already patched in the beta versions of OS X El Capitan, likely due to other changes made for Apple's upcoming version of the Mac OS.</p> <h2>Do I need to worry about twpn?</h2> <p>Worry is a strong word. There's no indication of attacks based on twpn "in the wild" and so the vast majority of people have very little to be concerned about at the moment. twpn would also need to be used in conjuncture with something else, like a social engineering attack that conned you into letting it onto your Mac, before it could do anything.</p> <p>So, the usual advice applies: Don't download software from any source you don't absolutely trust. That means the Mac App Store, major vendors like Microsoft or Adobe, and trusted developers, and even then only from direct links. Also, don't give someone you don't absolutely trust unfettered access to your Mac.</p> <p>Apple is also delivering new technologies with OS X El Capitan, including System Integrity Protection which limits what malware can do even if it escalates to root privileges.</p> <p>As soon as Apple has a patch ready, we'll let you know!</p> </div></div></div><br clear='all'/> <a href="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/1/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/2/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/rc/3/rc.img" border="0"/>[/url] <img src="http://da.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/a2.img" border="0"/> (http://da.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/a2.htm)<img width="1" height="1" src="http://pi.feedsportal.com/r/234567416699/u/49/f/616881/c/33998/s/49139729/sc/28/a2t.img" border="0"/><img width='1' height='1' src='(http://tipb.com.feedsportal.com/c/33998/f/616881/s/49139729/sc/28/mf.gif)' border='0'/><img src="http://feeds.feedburner.com/~r/TheIphoneBlog/~4/bdOIJ-8UfBw" height="1" width="1" alt=""/> Source: tpwn OS X exploit: What you need to know (http://feedproxy.google.com/~r/TheIphoneBlog/~3/bdOIJ-8UfBw/story01.htm) |