Apple has just released OS X 10.11.4 which patches a long list of vulnerabilities the system includes, but it looks as though they forgot to patch one major flaw that gives hackers near-total control of any Mac. The zero-day vulnerability was discovered by SentinelOne, as reported by The Next Web.
The major security flaw allows hackers to execute code that was thought to be protected by Apple’s new kernel defense, System Identity Protection (SIP).
“Our researchers recently uncovered a major flaw which allows for local privilege escalation and bypass of System Integrity Protection, Apple’s newest protection feature,” SentinelOne announced in a blog post.
SIP, often called rootless, was first introduced with El Capitan and prevents OS X from being compromised by malicious code. SIP locks down specific system-level locations in the file system while simultaneously preventing certain processes from attaching system-level processes.
SentinelOne’s lead OS X security expert, Pedro Vilaça, presented the firm’s findings on March 24 at SysCan360 2016 in Singapore, detailing how a hacker could attack SIP, while the system is virtually unable to detect it.
The problem is that once the hacker bypasses SIP, he or she can gain near total control of your Mac. Apple has been notified, and a patch will be issued, but no time frame has been given.