Swedish hacker finds ‘serious’ vulnerability in OS X Yosemite
A white-hat hacker from Sweden says he’s found a serious security hole in Apple’s Yosemite OS X that could allow an attacker to take control of your computer.
Emil Kvarnhammar, a hacker at Swedish security firm Truesec, calls the vulnerability “rootpipe” and has explained how he found it and how you can protect against it.
It’s a so-called privilege escalation vulnerability, which means that even without a password an attacker could gain the highest level of access on a machine, known as root access. From there, the attacker has full control of the system.
It affects the newest OS X release, version 10.10, known as Yosemite. Apple hasn’t fixed the flaw yet, he says, so Truesec won’t provide details yet of how it works.