Italian Teenager Uncovers Two Zero-Day Vulnerabilities in OS X

PC World has reported that an Italian teenager has found two zero-day vulnerabilities in Apple’s Mac OS X operating system that could be used to gain remote access to a machine.


Interestingly, the findings went public within a few days of Apple patching a local privilege escalation flaw disclosed earlier by Stefan Esser, a German researcher from security audit firm SektionEins.

The Italian teenager, Luca Todesco, shared his findings on GitHub. The exploit uses two bugs to cause a memory corruption in the OS X kernel, he said to PC World in an email. This cracks open the door to a hacker using the memory corruption condition to circumvent kernel address-space randomization (kASLR) to gain root access.

Unfortunately, the zero-day vulnerabilities affect all OS X versions from 10.9.5 to 10.10.5. Apparently, Apple is aware if the flaw, because it is fixed in the beta version of the next-generation OS X (10.11), El Capitan.

According to Todesco, he notified Apple “a few hours before he shared the exploit.” He has also developed a patch he calls NULLGuard, which can be downloaded from GitHub.

Technology enthusiast, rocker, biker and writer of Follow me on Twitter or contact me via email: