
Own a Mac? You'll want to know about these security flaws...

One of which would allow an attacker to install software onto your computer without needing a password.

THE GENERAL CONSENSUS is that Apple computers tend to be safer than Windows PCs because they’re more controlled, but that might not be the case.

A flaw in OS X, the software that runs on Mac computers, allows hackers to attack a computer and install software on it whenever they wish.

The flaw concerns a hidden document called Sudoers, which is a list of permissions each piece of software has on your computer. A change to how OS X Yosemite stores the list means malware can now be added to it, and if an attacker gains access, they can install junkware onto your computer.

Security software company Malwarebytes says the first known exploit happened yesterday, after one of its researchers found his Sudoers file modified after discovering and testing a new adware installer.

Currently, no fix for the problem has been released by Apple. There is an extension from security researcher and software developer Esser, but as Ars Technica notes, a patch that doesn’t come from the official developer can be risky and should only be installed once you have checked it out and know what you’re doing.

Thunderbolt 2

The other issue, recently patched by the latest update, involved a computer worm that can go deep inside Mac computers and avoid detection by antivirus software.

The worm, which was designed by two security researchers, achieves this by installing itself into a Mac’s firmware – the software used to boot up a computer – which antivirus software doesn’t scan.

Once it’s there, it can spread between devices that are not networked by travelling through a Thunderbolt Ethernet adapter, writing itself into a Mac’s firmware and remaining undetected.

The worm, called Thunderstrike 2, can also avoid an entire system reboot, and was discovered by two security researchers, who informed Apple about the flaw.

The first Thunderstrike exploit required the hacker to have physical access to the computer, but this one bypasses this problem and can be delivered via a link. Both exploits were fixed by recent updates; the latest update to OS X (10.10.4) prevents this from happening.

One of the researchers who designed the worm, Xeno Kovah, told Wired that the nature of the attack meant that there would be only one real way for most people to get rid of it: replace the machine entirely.

“[It’s] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware… For most users that’s really a throw-your-machine-away kind of situation.”

About the author:

Quinton O'Reilly
