Meanwhile, a second group of security researchers found a potentially more serious bug that can permanently turn over control of your Mac to a hacker.Įven the most vicious malware can typically be deleted off your computer by reinstalling your operating system. Security researcher who goes by " on Twitter informed Apple of the bug long before Esser discovered it.Ī spokesman for Apple did not respond to a request for comment. That's because Apple has known about the vulnerability for a while, according to MalwareBytes.
The only known fix has been provided by Esser himself.Įsser noted the bug has been fixed in an upcoming patch to Yosemite as well as a beta version of OS X 10.11 (El Capitan). In the hack discovered by MalwareBytes, attackers installed notorious Mac malware including VSearch, MacKeeper and Genieo, and it launches a pop-up window that tells the Mac's owner to install the Download Shuttle app on the Mac App Store. That means the malware can install any file in any part of the system. But the bug allows malware to be listed in the Sudoers file as well. Yosemite lists those programs in a hidden file called Sudoers. The bug takes advantage of the way that Mac OS X 10.10 (Yosemite) decides which programs can make changes to your computer without your password. Related: Major Mac flaw spills your passwords
0 kommentar(er)
