An Italian teenager has discovered a previously unknown zero-day vulnerability in Apple's Mac OS X platform that could be exploited by hackers to allow privileged access to Mac systems.
A proof-of-concept has been released by Luca Todesco, 18, who said the exploit uses bugs to corrupt the memory in the operating system that can then be used to access the system root shell.
The flaw, dubbed 'tpwn', is said to affect all versions of Yosemite, including the recently patched 10.10.5, but reportedly does not affect El Capitan.
Details of the flaw have been published on GitHub, and Todesco has faced criticism for contacting Apple about the problem only a few hours before publishing his findings.
Todesco said on Twitter that he has received significant condemnation on social media after publishing the code without giving Apple enough time to release a security fix.
This is kinda getting out of proportion. Best outcome for me would have simply been to stay quiet. I had reasons to drop it the other day.— Luca Todesco (@qwertyoruiop) August 17, 2015
Todesco has released a third-party patch for the vulnerability called NullGuard which is included in the material published to GitHub, but it is not considered an official release and is not certified by Apple.
NULLGuard - Fixes tpwn & prevents NULL page mapping, rendering many bugs unexploitable. http://t.co/wNy0KA7OVL— Luca Todesco (@qwertyoruiop) August 16, 2015
The news comes after Apple recently rolled out a patch for OS X 10.10.5 to fix a ‘print to file' vulnerability discovered by German researcher Stefan Esser that allowed hackers to inject malware and adware into the Mac operating system without needing a password.
A separate research team discovered another major security flaw called Thunderstrike 2 that targets Mac firmware.
Thunderstrike 2 was revealed at the 2015 Black Hat security conference in Las Vegas and can infect a MacBook via a phishing email that can then spread to any other hardware with which it comes into contact.
V3 has contacted Apple about whether the firm plans to release a patch for the 'tpwn' flaw but had not received a reply at the time of publication.
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers