Title: BrandPost: Full macOS Compromise Using 15-Year-Old Bug Post by: HCK on January 29, 2018, 04:05:12 pm BrandPost: Full macOS Compromise Using 15-Year-Old Bug
<article> <section class="page"> <p>A recently discovered vulnerability in macOS allows for full system compromise of macOS versions dating back 15 years. Residing in the "IOHIDFamily" component – notoriously used in the past to exploit various race conditions leading to system compromise – the vulnerability doesn’t seem remotely exploitable by itself, although it has existed for at least 15 years.</p><p>Triggered only by local access to a Mac, all macOS versions up to 10.13.1 appear to be affected. Security researcher Siguza warns that the vulnerability can still be weaponized to be remotely exploitable if a “sleeper program” – or malware with similar behavior – simply waits for the user to log out, reboot, or shut down, before activating the vulnerability.</p><p class="jumpTag"><a href="/article/3250125/macs/full-macos-compromise-using-15-year-old-bug.html#jump">To read this article in full, please click here[/url]</p></section></article> Source: BrandPost: Full macOS Compromise Using 15-Year-Old Bug (https://www.macworld.com/article/3250125/macs/full-macos-compromise-using-15-year-old-bug.html#tk.rss_all) |