Rootpipe exploit still an issue in Mac OS X, security expert finds

Apple iMac 2014 bottom screen
Patrick Wardle, a former NSA staffer, has revealed that Apple may have botched a patch of a significant vulnerability known as Rootpipe. Security Software Engineer Emil Kvarnhammar claimed in a blog post on April 9 that Apple had originally resolved the issue with the release of OS X 10.10.3. Now, Wardle has discovered that all Mac machines are still prone to attack, according to Forbes.

Apple initially learned of Rootpipe in October 2014, and planned for a fix by January 2015. In short, Rootpipe allows an attacker who has local access to a Mac product to achieve root privileges. This gives him or her full control of the machine without the need for additional authentication.

“I found a novel, yet trivial way for any local user to re-abuse Rootpipe — even on a fully patched OS X 10.10.3 system,” Wardle wrote in his own blog piece, posted on April 18. “In the spirit of responsible disclosure, (at this time), I won’t be providing the technical details of the attack (besides of course to Apple). However, I felt that in the meantime, OS X users should be aware of the risk.”

In an email to Forbes, Wardle went on to say that he was tempted to walk into an Apple store and try to exploit the issue on a display model. In the end, he did not do so, but wants to get the word out about the issue.

The Apple update that addressed the Rootpipe vulnerability claimed that Macs would now have “improved entitlement checking.” When it was released on April 8, the company was widely criticized for only providing a patch for newer editions of its Yosemite operating system.

Apple has been on the hot seat as of late for its security vulnerabilities. German Researcher Stefan Esser made waves with his reporting at the Syscan Conference, highlighting Apple’s iOS vulnerabilities.

Computing

Microsoft will end support for Windows 7 one year from now

Microsoft is set to end extended support for Windows 7 on January 14, 2020, putting a halt on the free bug fixes, and security patches for most who have the operating system installed. 
Movies & TV

From premiere date to footage: Here's all we have on 'Game of Thrones' season 8

With the eighth and final season looming, Game of Thrones fever has officially become a pandemic. Our list of all the relevant news and rumors will help make the wait more bearable, if you don't mind spoilers.
Mobile

The most expensive Galaxy S10 could be the priciest Galaxy phone we've seen

Not long now; with 2019 underway, the Samsung Galaxy S10 is almost here. Before it arrives, here's absolutely everything you need to know about all three of Samsung's next flagships.
Mobile

We tried all the latest and greatest smartphones to find the best of 2019

Smartphones are perhaps the most important and personal piece of tech on the planet. That’s why it’s important to pick the best phone for your individual needs. Here are the best smartphones you can buy.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Computing

Stop your PC's vow of silence with these tips on how to fix audio problems

Sound problems got you down? Don't worry, with a few tweaks and tricks we'll get your sound card functioning as it should, and you listening to your favorite tunes and in-game audio in no time.
Computing

Chip off the auction block – Intel’s i9-9990XE may be sold to the highest bidder

Intel's alleged Core i9-9990XE may only be sold at auction to OEMs, meaning that only a few of the 14-core, 28-thread, 5GHz CPUs will ever see the light of day in specific devices and systems.
Computing

Yes, Android apps can run on your PC, and it's easier than you think

Wish you knew how to run Android apps in Windows? It's easier than you might think and there are a number of different ways to do it. In this guide, we break down the steps so you can follow along with ease.
Computing

Don't spend hundreds on Pro Tools or Logic. Try one of these free alternatives

Believe it or not, Pro Tools isn't the only digital audio workstation worth your time. Check out our picks for the best free recording software, whether you're looking for a lightweight app or a full-blown audio workstation.
Computing

How to share an external hard drive between Mac and Windows

Compatibility issues between Microsoft Windows and Apple MacOS may have diminished sharply over the years, but that doesn't mean they've completely disappeared. Here's how to make an external drive work between both operating systems.
Computing

Should you buy the affordable MacBook Air, or is the MacBook Pro worth the price?

Though they both share Retina Displays and similar keyboards, there are still some specs differences and other changes that differentiate the new 2018 MacBook Air and MacBook Pro. In this guide, we stack the two up against each other.
Android

Mobile World Congress (MWC) 2019: Complete Coverage

There's no bigger show for mobile tech geeks than Mobile World Congress in Barcelona, Spain: where flagship phones are born and intriguing new wearables shine. And this year, where foldable phones and 5G are likely to dominate the news. For…
Computing

Google is giving its G Suite web apps new touches of visual improvements

Your G Suite applications will soon have a different look. Several of the web apps are getting updated with subtle visual improvements inspired by Google's Material Design guidelines. 
Emerging Tech

CES 2019 recap: All the trends, products, and gadgets you missed

CES 2019 didn’t just give us a taste of the future, it offered a five-course meal. From 8K and Micro LED televisions to smart toilets, the show delivered with all the amazing gadgetry you could ask for. Here’s a look at all the big…