Apple initially learned of Rootpipe in October 2014, and planned for a fix by January 2015. In short, Rootpipe allows an attacker who has local access to a Mac product to achieve root privileges. This gives him or her full control of the machine without the need for additional authentication.
“I found a novel, yet trivial way for any local user to re-abuse Rootpipe — even on a fully patched OS X 10.10.3 system,” Wardle wrote in his own blog piece, posted on April 18. “In the spirit of responsible disclosure, (at this time), I won’t be providing the technical details of the attack (besides of course to Apple). However, I felt that in the meantime, OS X users should be aware of the risk.”
In an email to Forbes, Wardle went on to say that he was tempted to walk into an Apple store and try to exploit the issue on a display model. In the end, he did not do so, but wants to get the word out about the issue.
The Apple update that addressed the Rootpipe vulnerability claimed that Macs would now have “improved entitlement checking.” When it was released on April 8, the company was widely criticized for only providing a patch for newer editions of its Yosemite operating system.
Apple has been on the hot seat as of late for its security vulnerabilities. German Researcher Stefan Esser made waves with his reporting at the Syscan Conference, highlighting Apple’s iOS vulnerabilities.
Editors' Recommendations
- ProtonVPN and NordVPN patched up vulnerabilities before they became known
- Critical MacOS Mojave vulnerability bypasses system security
- Security flaw on modern PCs could leave your encrypted data exposed
- Windows Insiders get fix for October 2018 Update’s data delete bug
- Opinion: Apple needs to modernize its antiquated annual app update routine
