Like what I
have been saying before, albeit I have never written a post about it, the Mac
OS will have to deal with bugs that allow hackers to get into its system in the
future. Similar to Microsoft, it was necessary for Apple to release an update to
plug a hole in its system or else access will be given to hackers to the entire
OS.
The Mac OS X
10.10.5 update was released near the middle of last week to deal with a number
of glitches and holes in the system. On particular hole was considered a rather
serious threat to Mac users since it would allow hackers to control programs on
a Mac from a remote location. Since hackers will have administrator rights,
they can access just about everything in the operating system. A report from The Guardian revealed that the vulnerability was already exploited by an adware
installer.
Mac OS X Yosemite
(Image Credit: http:// www.ibtimes.co.uk)
|
Yes, the Mac
OS has been viewed as a more secure OS compared to Windows, but nothing ever
lasts forever. Apple had to deal with a number of bugs in the past and none of
them was comparable to what was discovered recently by Stefan Esser, a security
researcher. In a recent tweet, Esser
revealed that the 10.10.5 update may have fixed a number of bugs in the system it
also created another problem that is considered “worse than before. “ However,
Esser did not give any indications as to what was made worse than before.
SecurityWeek, a security news site, said Esser warned Mac users from installing
the SUIDGuard kernel extension that prevents attacks that use the hole in the DYLD_PRINT_TO_FILE
environment variable of the Mac OS X.
Hmm so Apple released 10.10.5 fixed some bugs and made another security problem worse than before.
— Stefan Esser (@i0n1c) August 13, 2015
The main
difference between Apple and Microsoft is that the latter regularly releases
updates through the Patch Tuesday program where patches are released each
month. The latest update of Apple deals with over a hundred bugs affecting the
Mac OS X kernel, QuickTime, Bluetooth and the Notification Center of Mac, among
others.
The details
of the latest update indicate that vulnerability will allow local users to execute
“arbitrary code with system privileges." A “path validation issue” was the
main cause of the issue in the DYLD and the issue was dealt with through an
enhanced sanitization of the environment, Apple revealed. No other statements
were released by Apple in connection to its latest update.
No comments:
Post a Comment