“Apple users are being advised to upgrade to the latest OS X release, version 10.10.3, as soon as possible following the disclosure of a hidden API which allows back-door access to a system-level account.,” Gareth Halfacree reports for bit-tech.
“Security researcher Emil Kvarnhammar has proven that with the publication of a hitherto unknown back-door API in the operating system which allows any user to break free of a restricted account and gain system-level privileges,” Halfacree reports. “The flaw, Kvarnhammar claims, has been present in the system going back to at least 2011 and potentially earlier. Apple was alerted to the problem in October of last year, and worked on a patch which was included in OS X 10.10.2. Unfortunately this patch was unaffected, and it’s only with the release of OS X 10.10.3 this week that the hole has been properly secured.”
More info and links in the full article here.
MacDailyNews Take: Take the time to upgrade your Mac to the latest OS or security updates as soon as possible.