On the Internet, details of a new vulnerability in Mac OS X appeared which there is no update available from Apple. Through the vulnerability can allow a local attacker who already has access to a system or a malicious app already installed enhance the rights.
It is reported via Hacker News and Reddit . An attacker can not take away or run this code on the system via the zero-day vulnerability. In this case, there is first requires an additional vulnerability. For users of Mac OS X Yosemite, there is no update available. The problem would by now have been addressed in Mac OS X 10:11 El Capitan, but this version is not yet rolled out to the general public.
Recently, a similar vulnerability in Mac OS X was revealed which at that time was still no update available from Apple. This zero-day vulnerability was finally an adware installer to install additional software with root privileges. This week Apple issued an update for Mac OS X that leak 133 fixed it in the operating system, including this vulnerability.
No comments:
Post a Comment