Apple Mac OS Zero-Day Flaw Disclosed

Apple Mac users are being confronted with the news of a zero-day vulnerability that affects all versions of the MacOS operating system.

Indeed, the flaw has been sitting around undiscovered for 15 years until it was published earlier this week by a researcher calling himself Siguza.

The flaw is the latest vulnerability found in the Mac operating system. Last month it was discovered that OSX.Pirrit adware was exploiting AppleScript to spy on Apple Mac users.

Root Access

The new flaw is dubbed IOHIDeous, in a detailed write up of the vulnerability published on GitHub.

“One tiny, ugly bug. Fifteen years. Full system compromise,” wrote Siguza.

Essentially, it seems that IOHIDeous is a local privilege escalation flaw that can be exploited only if an attacker has access to an Apple Mac — or previously compromised Mac.

However the flaw is serious (a zero-day flaw), as it would give an attacker root access to the machine.

Siguza said he had discovered the flaw after examining the IOHIDFamily looking for an iOS flaw, but he soon realised that some parts of the IOHIDFamily exist only on macOS, namely IOHIDSystem (which contains the flaw).

The flaw is only able to be exploited if a Mac user logs out, but Siguza warned that attackers could use a “sleeper program” that would trigger when a user logs off, reboots or shuts down the Mac.

He published proof-of-concept zero-day code on GitHub that shows how the macOS kernel exploit works.

Responsible Disclosure

Some will question why Siguza chose to not inform Apple of the flaw, or sell the exploit to either governments or black hats.

However, Siguza answered that in a Tweet, in which he explained that Apple’s bug bounty program does not include MacOS.

My primary goal was to get the write-up out for people to read,” he tweeted. “I wouldn’t sell to blackhats because I don’t wanna help their cause. I would’ve submitted to Apple if their bug bounty included macOS, or if the vuln was remotely exploitable.”

“Since neither of those were the case, I figured I’d just end 2017 with a bang because why not,” he added in a follow up tweet. “But if I wanted to watch the world burn, I would be writing 0day ransomware rather than write-ups ;)”

Apple Security

Apple’s security credentials have been dented in 2017 as more and more malware and vulnerabilities were discovered.

Last August for example Malwarebytes warned Apple Mac users that the days of their devices being relatively safe from malware were long over. It found that more Mac malware had been detected in Q2 2017 than in all of 2016.

In November Apple itself patched a serious root bug that could have allowed anyone to access a Mac system, but it turns out the problem could return when the official Apple fix was applied.

And in October a flaw was discovered that could have allowed anyone to gain access to encrypted hard disk volumes. That issue meant that when a user requested a password hint for certain encrypted volumes the operating system instead displayed the entire password.

Do you know all about security in 2017? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

12 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

13 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

14 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

15 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

18 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

19 hours ago