Fortunately, the practical example of the exploit is a bit less sinister than that. By modifying the sudoers file, the file which contains the list of users that have root privileges, the software can erase the evidence of the exploit and will still have root privileges. From there, it silently uses an app called VSInstaller to install adware called VSearch, Genieo, and MacKeeper, three different pieces of malicious software, then launches an app store page for a download manager called Shuttle.
Security researcher Stefan Esser and another researcher made the exploit known to Apple privately, and then publicly weeks ago, but as of yet Apple hasn’t made any indication that there’s a solution on the horizon. Some users have reported the exploit no longer works in the El Capitan beta, but that has more to do with revamped file permissions and a change to the error reporting software.
For now, if you want to ensure you’re protected from the DYLD_PRINT_TO_FILE exploit, your only option is to install Esser’s SUIDGuard and have faith that his software is trustworthy. As always, your best line of defense is to run anti-virus software on your Mac, and ensure that you’re only downloading files and software from trusted sources like Apple.
Editors' Recommendations
- ChatGPT: how to use the viral AI chatbot that everyone’s talking about
- How to use Bing Image Creator to generate AI images for free
- Your Windows 11 screenshots may not be as private as you thought
- Bing Image Creator brings DALL-E AI-generated images to your browser
- The Windows 11 taskbar is getting an important new update
