Skip to main content

So much for the unhackable Mac: Root exploit hits the wild with no fix in sight

restore a Mac to factory settings
There’s a common misconception that Macs aren’t susceptible to any sort of malware or virus, but if evidence of exploits in the past hasn’t convinced you that isn’t the case, this news from Malwarebytes might. A recently discovered exploit, known by the file that makes it possible, DYLD_PRINT_TO_FILE, allows attackers to use the error reporting system within Mac OS X to create a file with root privileges. Once software has access to your root, it can manage every aspect of your system from installing malicious applications to locking you out entirely.

Fortunately, the practical example of the exploit is a bit less sinister than that. By modifying the sudoers file, the file which contains the list of users that have root privileges, the software can erase the evidence of the exploit and will still have root privileges. From there, it silently uses an app called VSInstaller to install adware called VSearch, Genieo, and MacKeeper, three different pieces of malicious software, then launches an app store page for a download manager called Shuttle.

Related Videos

Security researcher Stefan Esser and another researcher made the exploit known to Apple privately, and then publicly weeks ago, but as of yet Apple hasn’t made any indication that there’s a solution on the horizon. Some users have reported the exploit no longer works in the El Capitan beta, but that has more to do with revamped file permissions and a change to the error reporting software.

For now, if you want to ensure you’re protected from the DYLD_PRINT_TO_FILE exploit, your only option is to install Esser’s SUIDGuard and have faith that his software is trustworthy. As always, your best line of defense is to run anti-virus software on your Mac, and ensure that you’re only downloading files and software from trusted sources like Apple.

Editors' Recommendations

The most common Chromebook problems and how to fix them
A person working on a Toshiba Chromebook.

Chromebooks are great alternatives to MacBooks and Windows 10 laptops, but they aren’t perfect. Any laptop computer is bound to have issues, and some of the most common problems faced by Chromebook users can feel difficult or even impossible to solve on their own. 

From issues with updates to internet connectivity, troubleshooting common Chromebook problems doesn’t have to ruin your day. Read on to discover easy fixes for the most frequent issues Chromebook users face. 
The Diagnostics app

Read more
Ranking all 12 versions of Windows, from worst to best
Windows 7 desktop.

You can tell a person's age by which version of Windows is their favorite. I have fond memories of XP and Windows 98 SE, so you can take a guess at mine, but I have colleagues who are much more enamored with Windows 7, or Windows 95. We all have something disparaging to say about Windows 8 though, and the less said about Windows Vista the better.

Ranking the different versions of Windows is about more than what era of computing you grew up in, though. There are some very serious duds in Microsoft's back catalog, just as there are a few wins too. But whether you can look back on some of Microsoft's disastrous releases with rose-tinted glasses, or have some genuine love for Microsoft's missteps, here's every version of Windows ranked from best to worst.
12. Windows ME

Read more
If you use this free password manager, your passwords might be at risk
Office computer with login asking for password and username.

Researchers have just found a flaw within Bitwarden, a popular password manager. If exploited, the bug could give hackers access to login credentials, compromising various accounts.

The flaw within Bitwarden was spotted by Flashpoint, a security analysis firm. While the issue hasn't received much -- or any -- coverage in the past, it appears that Bitwarden was aware of it all along. Here's how it works.

Read more