Italian Teenager Uncovers Two Zero-Day Vulnerabilities in OS X

11 years ago

PC World has reported that an Italian teenager has found two zero-day vulnerabilities in Apple’s Mac OS X operating system that could be used to gain remote access to a machine.

yosemite

Interestingly, the findings went public within a few days of Apple patching a local privilege escalation flaw disclosed earlier by Stefan Esser, a German researcher from security audit firm SektionEins.

The Italian teenager, Luca Todesco, shared his findings on GitHub. The exploit uses two bugs to cause a memory corruption in the OS X kernel, he said to PC World in an email. This cracks open the door to a hacker using the memory corruption condition to circumvent kernel address-space randomization (kASLR) to gain root access.

Unfortunately, the zero-day vulnerabilities affect all OS X versions from 10.9.5 to 10.10.5. Apparently, Apple is aware if the flaw, because it is fixed in the beta version of the next-generation OS X (10.11), El Capitan.

According to Todesco, he notified Apple “a few hours before he shared the exploit.” He has also developed a patch he calls NULLGuard, which can be downloaded from GitHub.

Want to see more of our stories on Google?

P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!