OS X has a major zero-day vulnerability that Apple apparently already knows about but has not fixed, despite being informed of it. It leaves the operating system open to malware attacks, and new research from Malwarebytes sheds some additional light on the problem.
Malwarebytes said that one of its researchers, Adam Thomas, dug into the zero-day vulnerability that was discovered by Stefan Esser in July. Thomas tested a new piece of malware and, to his surprise, found it was able to ultimately “gain root permissions via a Unix shell without needing a password.”
At that point, the script is able to install whatever it wants wherever it wants, the research firm explained, noting that it installed “a variant of the Genieo adware and the MacKeep junkware… as its final operation, it directs the user to the Download Shuttle app on the Mac App Store.”
It’s sort of a shocking revelation, at least if one considers that OS X and Macs have largely been immune to these sorts of attacks compared to Windows, where they have been more common in the past. Weirder, Malwarebytes said Apple knows about this hole but hasn’t patched it yet, even in the most recent OS X Yosemite public releases.
Hit the source for a deeper dive into the adware installer that takes advantage of OS X’s security issues.