A bug in the latest version of Apple's OS X gives attackers the ability to obtain unfettered root user privileges, a feat that makes it easier to surreptitiously infect Macs with rootkits and other types of persistent malware.
The privilege-escalation bug, which was reported in a blog post published Tuesday by security researcher Stefan Esser, is the type of security hole attackers regularly exploit to bypass security protections built into modern operating systems and applications. Hacking Team, the Italian malware-as-a-service provider that catered to governments around the world, recently exploited similar elevation-of-privileges bugs in Microsoft Windows. By combining them with a zero-day exploit targeting Adobe's Flash media player, Hacking Team was able to pierce security protections built into Google Chrome, widely regarded as the Internet's most secure browser by default.
According to Esser, the OS X privilege-escalation flaw stems from new error-logging features that Apple added to OS X 10.10. Developers didn't use the standard safeguards that normally accompany additions to the OS X dynamic linker, dyld, a failure that allows attackers to open or create files anywhere in the OS X file system with root privileges.
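
The following C example is added here for illustration and is not code from Esser's post or from Apple. It models the kind of safeguard the paragraph above describes as missing: when a process runs with elevated privileges, loader-control environment variables are dropped before any of them can steer where the loader opens or creates files. It assumes such variables share the `DYLD_` prefix; the function names and the sample environment are constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumption: loader-control variables are recognised by this prefix. */
#define LOADER_PREFIX "DYLD_"

/* Elevated means the effective IDs differ from the real IDs, as when an
   unprivileged user launches a setuid-root binary. */
int is_privilege_elevated(void) {
    return getuid() != geteuid() || getgid() != getegid();
}

/* Remove every LOADER_PREFIX entry from a NULL-terminated environment
   array in place, keeping the order of the rest. Returns the count removed. */
int prune_loader_env(char **envp) {
    size_t plen = strlen(LOADER_PREFIX);
    char **dst = envp;
    int removed = 0;
    for (char **src = envp; *src != NULL; src++) {
        if (strncmp(*src, LOADER_PREFIX, plen) == 0) {
            removed++;          /* drop: must not influence a privileged run */
            continue;
        }
        *dst++ = *src;
    }
    *dst = NULL;
    return removed;
}

/* Hypothetical entry point: prune only when the process is elevated, so
   ordinary unprivileged debugging keeps working. */
int sanitize_env(char **envp, int elevated) {
    return elevated ? prune_loader_env(envp) : 0;
}

int main(void) {
    /* Constructed sample environment; the DYLD_ name is made up. */
    char *env[] = { "PATH=/usr/bin",
                    "DYLD_CONSTRUCTED_LOG=/etc/constructed-target",
                    "HOME=/Users/demo", NULL };
    int removed = sanitize_env(env, 1 /* simulate a setuid-root launch */);
    printf("removed %d loader variable(s)\n", removed);
    for (char **e = env; *e != NULL; e++)
        printf("kept: %s\n", *e);
    printf("this process elevated: %d\n", is_privilege_elevated());
    return 0;
}
```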