Zero Day Mac OS Kernel Flaw

By

The vulnerability has been around for over 15 years, according the researcher who discovered it.

A security researcher who goes by the handle Siguza claims to have disclosed an unpatched zero-day vulnerability in the Mac OS kernel that allows an attacker to take complete control over the system.

The Hacker News reported the discovery, "The bug is a serious local privilege escalation (LPE) vulnerability that could enable an unprivileged user (attacker) to gain root access on the targeted system and execute malicious code. Malware designed to exploit this flaw could fully install itself deep within the system.”

Siguza has detailed the vulnerability in a write-up that was published on GitHub, “This is the tale of a Mac OS-only vulnerability in IOHIDFamily that yields kernel r/w and can be exploited by any unprivileged user."

Sigzua tweeted about it on 31 December, 2017. When asked by other Twitter users why he/she didn’t sell it to government or a blackhat, Sigzua responded, "My primary goal was to get the write-up out for people to read. I wouldn't sell to blackhats because I don't want to help their cause. I would've submitted it to Apple if their bug bounty included Mac OS, or if the vuln was remotely exploitable. Since neither of those is the case, I figured I'd just end 2017 with a bang because why not. But if I wanted to watch the world burn, I would be writing 0day ransomware rather than write-ups ;)"

01/02/2018
comments powered by Disqus