White hat hacker finds vulnerability in OS X
Posted by: Timothy Weaver on 10/31/2014 02:11 PM
Emil Kvarnhammar, a white hat hacker at Swedish security firm Truesec, discovered a security hole in Apple’s Yosemite OS X that could allow an attacker to take control of your computer.
Kvarnhammar has called the vulnerability "rootpipe" and has explained how he found it and how one can protect against it.
The security hole is a privilege escalation vulnerability, which would allow an attacker to gain the highest level of access on a machine. From there, the hacker has full control of the system.
The security hole affects the newest OS X release, also known as Yosemite. Apple hasn't fixed the flaw as of yet.
There are ways to protect your system from this vulnerability. First, do not use an account with admin privileges for everyday work. Kvarnhammar's tip is to create a new account, assign it admin privileges, and call it “admin” or something similar. Then log into the admin account and remove the admin permissions from the other account you’ll be using day in and day out.
You’ll then have to enter an admin password when you want to install new software or make some other change, but it might be worth the hassle until the flaw gets fixed.
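The account separation described above can be checked from Terminal. The script below is an added example, not code from the original article or from Truesec; it assumes the admin group's members appear on the `GroupMembership` line printed by `dscl . -read /Groups/admin GroupMembership`, and the account names `alice` and `admin` in the sample are constructed.

```shell
#!/bin/sh
# Added example: audit whether the daily-use account is still an admin,
# and whether a separate admin account exists before it is demoted.
# Assumed input format (output of `dscl . -read /Groups/admin GroupMembership`):
#   GroupMembership: root <user> <user> ...

# admin_members LINE -> prints each admin short name on its own line, root excluded
admin_members() {
    printf '%s\n' "$1" | awk '$1 == "GroupMembership:" {
        for (i = 2; i <= NF; i++) if ($i != "root") print $i }'
}

# audit_daily_user USER LINE -> prints one verdict:
#   EXPOSED_ONLY_ADMIN  daily user is the only admin; create a separate admin first
#   EXPOSED_CAN_DEMOTE  daily user is admin, another admin exists; safe to demote
#   NO_ADMIN_ACCOUNT    nobody but root is listed; do not remove anything further
#   OK                  daily user is not admin and a separate admin exists
audit_daily_user() {
    daily=$1
    members=$(admin_members "$2")
    is_admin=no
    others=0
    for m in $members; do
        if [ "$m" = "$daily" ]; then
            is_admin=yes
        else
            others=$((others + 1))
        fi
    done
    case "$is_admin:$others" in
        yes:0) echo "EXPOSED_ONLY_ADMIN" ;;
        yes:*) echo "EXPOSED_CAN_DEMOTE" ;;
        no:0)  echo "NO_ADMIN_ACCOUNT" ;;
        no:*)  echo "OK" ;;
    esac
}

# On a Mac, audit the logged-in user against the live directory;
# anywhere else, fall back to a constructed sample line.
if command -v dscl >/dev/null 2>&1; then
    line=$(dscl . -read /Groups/admin GroupMembership)
    audit_daily_user "$(id -un)" "$line"
else
    audit_daily_user "alice" "GroupMembership: root alice"
fi
```

Admin rights granted through nested groups are not visible on this line, so the check covers direct membership only.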