A zero-day vulnerability in OS X, discovered about a month ago, has unfortunately now appeared in the wild with its first known exploit.
Lane Thames, Software Development Engineer and Security Researcher at Tripwire, explains what the implications of this zero-day vulnerability in OS X can be:
“Based on reports that are surfacing, this bug could open doors for malvertising. The Malwarebytes report suggests that this DYLD-Print_to_File zero-day bug was used by an adware installer that was able to add commands to the system’s “sudoers” file. The sudoers file in Unix-based operating systems such as OS X essentially allows an administrator to give non-administrative users privileged, administrative rights to run certain programs. If non-administrative users, i.e. non-root users, are able to update this file, then essentially they can take over the entire system, and that appears to be the case from the Malwarebytes adware analysis.”

About Tripwire

Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.