An Italian expert discovered two zero-day flaws in MAC OS X

Pierluigi Paganini August 17, 2015

An Italian security researcher has discovered two zero-day vulnerabilities in Apple MAC OS X that could be exploited to gain remote access to a PC.

An Italian teenager, Luca Todesco, has found a couple of critical zero-day vulnerabilities in Apple OS X operating system that could be exploited to gain remote access to a PC.

The expert discovered the security flaws in Apple OS X after Apple issued a security update of the MAC OS X Yosemite v10.10.5 (Security Update 2015-006) that fixed a local privilege escalation vulnerability that was used by some miscreants to load questionable programs onto computers.

MAC OS X Yosemite zero-day

Todesco, published the exploit code he developed on GitHub, it triggers two vulnerabilities to cause a memory corruption in OS X’s kernel and circumvent the kernel address space layout randomization (kASLR) used to prevent buffer overflow attacks.

The code published on GitHub also includes a patch called NULLGuard.

According Todesco, the attacker can run the exploit code to gain a root shell on the target OS X machine.

The exploit code works in OS X versions 10.9.5 through 10.10.5, the version OS X 10.11 fixed it.

Todesco reported the security issues to Apple “a few hours before the exploit was published.”

“This is not due to me having issues with Apple’s patch policies/time frames, as others have incorrectly reported,” Todesco wrote.

Pierluigi Paganini

(Security Affairs – Mac OS X, zero-day)

you might also like

leave a comment