“Apple users are being advised to upgrade to the latest OS X release, version 10.10.3, as soon as possible following the disclosure of a hidden API which allows back-door access to a system-level account,” Gareth Halfacree reports for bit-tech.
“Security researcher Emil Kvarnhammar has proven that with the publication of a hitherto unknown back-door API in the operating system which allows any user to break free of a restricted account and gain system-level privileges,” Halfacree reports. “The flaw, Kvarnhammar claims, has been present in the system going back to at least 2011 and potentially earlier. Apple was alerted to the problem in October of last year, and worked on a patch which was included in OS X 10.10.2. Unfortunately this patch was unaffected, and it’s only with the release of OS X 10.10.3 this week that the hole has been properly secured.”
More info and links in the full article here.
MacDailyNews Take: Take the time to upgrade your Mac to the latest OS or security updates as soon as possible.
Done.
There is a comment on the linked article’s page which states:
“Accompanying security updates for 10.9 and 10.8 have also been released. However 10.7 is being left unpatched and so potentially insecure.”
I am running 10.9.5 and do not see any updates using the “Software Update” function.
A similar article over at ArsTechnica stated the fix was only for 10.10 and also stated the attacker must have physical access to the Mac.
Thanks!
I do my best not to let nefarious types have physical access to my Mac… so I should be OK. But I upgraded to 10.10.3 just to be sure!
And really, is it a MAJOR security flaw if the attacker has to have physical access to your Mac? Significant? Something Apple should fix? Yes! But MAJOR?
IMHO: No. But the backdoor is there, so there’s some worry.
Why would you not just update to 10.10.3? I’m baffled by anyone who stays on older OS versions. Even my mother knows how to update Mac OS X.
Here’s a few reasons: Because updates sometimes break older software. Because Yosemite is slower than Mavericks. Because WiFi wasn’t working when I did upgrade to Yosemite, so I reverted. Because none of the new features prior to a security update were worth my time updating. There are others, but legitimate reasons do exist.
Sorry Tim, but the article is WRONG:
NO-> Accompanying security updates for 10.9 and 10.8 have also been released
I have no idea where he pulled that from, but he’s WRONG. It’s still uncertain, IMHO, whether Apple is going to patch 10.9 and 10.8. But Emil Kvarnhammar, who discovered the backdoor, believes Apple will NOT.
Note: I’ve attempted to reply to the incorrect comment under the article. I registered, logged in, etc. But I am not being allowed to post. I tried. It disturbs me when people post misinformation.
Semi-rhetorically speaking:
1. Which operating systems and their versions are flawed and which are not?
2. Is a fix forthcoming?
3. What is the name of the API?
I elaborate on your questions below. But the quick answers:
1) OS X 10.10.2 on down through 10.7.x are affected. 10.6 and earlier have NOT been tested.
2) Emil Kvarnhammar, the security expert who discovered the backdoor, believes Apple will NOT be fixing earlier versions of OS X.
3) No name for the specific API has been disclosed. We know the API is accessible via the XPC Services API, which is part of libSystem. It is within the Admin framework. It provides ‘basic interprocess communication integrated with Grand Central Dispatch (GCD) and launchd.’ (<-To quote Apple)
They close one back door to create another, all part of the plan.
Only if they’re Microsoft.
I’ve been watching news about the ‘Rootpipe’ security hole in OS X since late October. It’s not exactly easy to exploit. But it’s there.
Emil Kvarnhammar originally intended to publish the ‘backdoor’ in January, 2015. He’s been a lot kinder than Google, letting Apple take its time sorting out the problem. Sadly, Apple has ONLY repaired the problem in OS X 10.10.3. Meanwhile, the backdoor remains open on 10.9.5, 10.8.5 and 10.7.5. Earlier versions of OS X have not been studied. It’s unclear whether Apple plans to do further patching.
Emil Kvarnhammar believes Apple will NOT further patch the backdoor. Therefore, yesterday he published several details about how he discovered and exploited the Rootpipe backdoor.
Hidden backdoor API to root privileges in Apple OS X
Emil will be presenting full details about Rootpipe on May 28th at the Stockholm, Sweden Security Conference 2015.
Because of the difficulty in exploiting this backdoor, I’m kinda/sorta not worried. There is no Rootpipe exploit in-the-wild. But it sure would be nice if Apple made us all feel comfy by closing up the backdoor at least back to 10.8.5, that being three versions back of OS X, as per their usual protocol.
So Apple? Yes? Please?!
Was this backdoor for purposes other than enabling System Preferences and systemsetup processes? Rather than get all paranoid, I’d say it doesn’t matter much at this point. At this point we know full well that the NSA has been breaking the Fourth Amendment to the US Constitution as far back as 1989, during the George HW Bush administration. 😛 We also know that Apple is serious about making OS X and iOS secure against illegal surveillance, or certainly they’re putting on a darned good show, enough to apparently and supremely tick-off a lot of illegal surveillance maniacs within #MyStupidGovernment. 🙄
“Unfortunately this patch was unaffected…”
Don’t they mean “Unfortunately this patch was ineffective…”?
Apple has added a few new features in Mac OS X, like more than 300 new Emoji characters. It prevents Safari with safeguarding the website favicon URLs used in private browsing, improves stability and ensures security in Safari, improves WiFi performance and connectivity in various usage scenarios, improves compatibility with captive Wi-Fi network environments, fixes an issue that may cause Bluetooth devices to disconnect, improves screen sharing reliability, and they fixed previously held bugs as well.