Unpatched Apple macOS Security Flaw Gives Attackers Full Control of System
2017 proved to be a software fiasco for Apple, as the company struggled with a plethora of bugs, both security and non-security, impacting its mobile and desktop platforms.
On December 31, a new unpatched vulnerability in macOS went public, with all versions of the desktop operating system said to be affected, possibly including version 10.13.2 which was released on December 6.
Published by security researcher Siguza on Twitter, the security flaw allows an attacker to obtain root access and take full control of a system, though it’s important to know that a successful exploit requires local access to the computer to execute arbitrary code.
The local privilege escalation (LPE) vulnerability was discovered after the researcher started inspecting the iOS kernel for security flaws, only to discover the glitch in an extension of IOHIDFamily called IOHIDSystem that’s exc… (read more)