The Mac Security Blog

Rootpipe Flaw in OS X Could Allow Hackers to Completely Take Over Your Mac

For day-to-day activities on your Mac—such as browsing the web, writing documents or checking your emails—are you using an account with Admin privileges?

I hope not. Because if you are, you’re putting yourself and the data stored on your computer at greater risk.

The risk is borne out by a newly discovered vulnerability in some versions of OS X (including the newly released 10.10 Yosemite) that could allow a hacker to take complete control of your iMac or MacBook.

Swedish security researcher Emil Kvarnhammar calls the as-yet-unpatched privilege escalation bug “Rootpipe,” and says that a malicious hacker could gain root access—the highest level of access—without having to know a password. And once an attacker has root access, all bets are off.

“Normally there are ‘sudo’ password requirements, which work as a barrier, so the admin can’t gain root access without entering the correct password. However, rootpipe circumvents this,” Kvarnhammar was reported as saying.

A YouTube video—with a decidedly funky beat—shows the vulnerability in action:

Obviously this is a serious security hole, and eyes will be turning towards Cupertino in the hope that it will be fixed quickly.

The good news is that Kvarnhammar believes in responsible disclosure, and has not released details of how to exploit the vulnerability. If such details were made public there is a very real risk that malicious hackers could take advantage of the flaw, and use it to compromise Macs around the world—stealing information, planting malware, and generally getting up to no good.

Instead the researcher tweeted that the right thing to do was to give Apple time to issue and distribute a patch to vulnerable computers:

Kvarnhammar reported the vulnerability to Apple, sharing details with the firm’s developers the day after he discovered the problem. Although Apple has not officially confirmed the flaw, it did agree that he could go public with full details about the vulnerability in January, suggesting that the company is planning to patch it.

It will be interesting to see just how long it takes Apple to push out a patch for what appears to be a serious vulnerability. It will certainly be a shame if it takes until early January for a fix to be rolled out.

In the meantime, while you’re waiting, it’s a good idea not to use a user account with Administrator rights on your Mac unless absolutely necessary.

Instead, make sure that your regular user account has “Standard” rights, and create a new account with Admin privileges for when that is required.

To create a new user account, and to adjust your existing accounts’ privileges, open System Preferences and click on Users & Groups.
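
You can also check the result from Terminal. The script below is an added example, not from the researcher or from Apple: it reads the local `admin` group with `dscl` and reports whether your day-to-day account holds Admin rights. The function names and the sample account names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit Admin rights on a Mac.
# Input format is the output of:
#   dscl . -read /Groups/admin GroupMembership
# which looks like:  GroupMembership: root alice_admin

# Print the admin group's members, one per line (dscl output on stdin).
admin_members() {
    awk '/^GroupMembership:/ { for (i = 2; i <= NF; i++) print $i }'
}

# audit USER: read dscl output on stdin and print a verdict for USER.
# Returns 0 = Standard user and a separate Admin account exists,
#         1 = USER is an Admin, 2 = no separate Admin account found.
audit() {
    user=$1
    members=$(admin_members)
    # Count admin accounts other than root.
    count=$(printf '%s\n' "$members" |
        awk '$0 != "" && $0 != "root" { n++ } END { print n + 0 }')
    if printf '%s\n' "$members" | grep -Fxq -- "$user"; then
        echo "WARN: $user has Admin rights; use a Standard account for daily work"
        return 1
    fi
    if [ "$count" -eq 0 ]; then
        echo "WARN: $user is Standard, but no separate Admin account exists"
        return 2
    fi
    echo "OK: $user is Standard; $count separate Admin account(s) available"
    return 0
}

# Constructed sample for machines without dscl (account names are made up).
SAMPLE='GroupMembership: root alice_admin'

if command -v dscl >/dev/null 2>&1; then
    # On a Mac: audit the account you are logged in as.
    dscl . -read /Groups/admin GroupMembership | audit "$(id -un)" || :
else
    printf '%s\n' "$SAMPLE" | audit bob || :
fi
```

This reads only the group's direct member list, so an account that gains Admin rights through a nested group would not be shown.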
