Pages: [1]   Go Down
  Print  
Author Topic: DYLD_PRINT_TO_FILE exploit: What you need to know  (Read 454 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: July 24, 2015, 09:00:18 am »

DYLD_PRINT_TO_FILE exploit: What you need to know

<div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p><a href='http://www.imore.com/dyldprinttofile-exploit-what-you-need-know' title="DYLD_PRINT_TO_FILE exploit: What you need to know"><img src='http://www.imore.com/sites/imore.com/files/styles/large_wm_blw/public/field/image/2014/10/yosemite_design_mac_pro_hero_1.jpg?itok=N4ZCCiPV' />[/url]</p> <p class="intro">DYLD_PRINT_TO_FILE is a recently-disclosed privilege escalation vulnerability on OS X Yosemite.</p> <p>"Privilege escalation" means that if someone already has malicious code in your Mac, they can use something like DYLD_PRINT_TO_FILE to gain deeper access to the system. To make a bad analogy, if they've already broken into your house, they can break into the locked drawer in your desk as well. Stefen Esser:</p>
<p>With the release of OS X 10.10 Apple added some new features to the dynamic linker dyld. One of these features is the new environment variable DYLD_PRINT_TO_FILE that enables error logging to an arbitrary file. [
...] The problem with this code is that it does not come with any safeguards that are required when adding new environment variables to the dynamic linker.</p> <p>Esser goes on to say that the vulnerability does not affect OS X 10.11 El Capitan, but does affect all current versions of Yosemite. It's safe to assume Apple knows all of this and it'll be fixed in the next update for OS X 10.10 Yosemite as well.</p> <p>In the meantime, if you think you're at risk, and you're comfortable with kernel extensions, Essar has also posted an interim fix, called SUIDGuard on GitHub.</p> <p>Apple fixed multiple privilege escalation bugs in OS X 10.10.4. Why this particular bug got more attention than those is likely due to how it was disclosed, its nature, and the easy headlines it made for re-bloggers.</p> <p>Again, OS X El Capitan is not vulnerable. El Cap also adds new features like System Integrity Protection which brings iOS-style root-level defense to the Mac, and along with existing systems like Gatekeeper, Sandboxing, anti-malware, and the Mac App Store make it harder for exploits of all types to do damage even if and when they're encountered.</p> <p>So, as always, stay informed but don't let any sensationalized headlines get to you.</p> </div></div></div><br clear='all'/>

<a href="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/1/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/2/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/rc/3/rc.img" border="0"/>[/url]

<img src="[url]http://da.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/a2.img" border="0"/>[/url]<img width="1" height="1" src="http://pi.feedsportal.com/r/234565991109/u/49/f/616881/c/33998/s/48621b6f/sc/15/a2t.img" border="0"/><img width='1' height='1' src='' border='0'/><img src="http://feeds.feedburner.com/~r/TheIphoneBlog/~4/pPF45F1v6i0" height="1" width="1" alt=""/>

Source: DYLD_PRINT_TO_FILE exploit: What you need to know
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: