Security researchers warn that an unpatched flaw in Yosemite and in some earlier versions of OS X lets criminals take over an affected machine.
The privilege escalation vulnerability, dubbed Rootpipe, allows attackers to gain root access to the affected computer without first entering the sudo password. Sudo is designed to block file deletion, code execution or any other sensitive operation by unauthorized users on the computer.
Emil Kvarnhammar, a researcher with Truesec who discovered the flaw, explains that “sudo” requires a password, the purpose of which is to stop an admin from gaining root access to the computer without entering the correct password. The researcher performed binary analysis for a few days before finding the vulnerability.
Rootpipe is reportedly present in the following versions:
- 10.10, aka Yosemite
- 10.8.5
The information available so far is quite limited, but experts have not found any indication that the flaw can be exploited remotely. If this turns out to be true, the bug is of use only to people who can physically access the affected machine. In that case, the bug shouldn’t be considered that dangerous, but it still needs to be fixed. Users looking for a temporary workaround are advised to use an account with “standard” rather than “admin” rights.