OS X Vulnerability Can Allow Superuser Access to Unauthorized Users
Users looking to exploit a vulnerability in the Sudo Unix command, originally reported back in March, have received some assistance, reports Ars Technica.
The developers of Metasploit, software that makes it easier to misuse vulnerabilities in operating systems and applications, have added the Sudo vulnerability to their software suite. All versions of OS X from OS X Lion 10.7 through the current Mountain Lion 10.8.4 remain vulnerable.
Mac users should realize that an attacker must satisfy a variety of conditions before being able to exploit this vulnerability. For one, the end-user who is logged in must already have administrator privileges. And for another, the user must have successfully run sudo at least once in the past. And of course, the attacker must already have either physical or remote shell access to the target machine. In other words: this exploit can't be used in the kind of drive-by webpage attacks that last year infected some 650,000 Macs with the Flashback malware. This doesn't mean it's a non-issue though, since the exploit can be used in concert with other attacks to magnify the damage they can do.
Most of the recent exploits in Mac OS X have been related to Java, which Apple completely blocked earlier this year over security vulnerabilities, though Apple did release a standalone malware removal tool to help clean machines that were affected by a number of Java vulnerabilities.
OS X has been targeted more in recent years as it has gained in popularity. The Janicab.A malware was discovered last month, while another program called macs.app was discovered in May. That app captured and stored screenshots.
Popular Stories
Apple today updated the 14-inch MacBook Pro base model with its new M5 chip, which is also available in updated iPad Pro and Vision Pro models.
In addition, the base 14-inch MacBook Pro can now be configured with up to 4TB of storage on Apple's online store, whereas the previous model maxed out at 2TB. However, the maximum amount of unified RAM available for this model remains 32GB.
Like...
Apple today announced the next-generation iPad Pro, featuring the custom-designed M5, C1X, and N1 chips.
The M5 chip has up to a 10-core CPU, with four performance cores and six efficiency cores. It features a next-generation GPU with Neural Accelerator in each core, allowing the new iPad Pro to deliver up to 3.5x the AI performance than the previous model, and a third-generation ray-tracing ...
We didn't get a second fall event this year, but Apple did unveil updated products with a series of press releases that went out today. The M5 chip made an appearance in new MacBook Pro, Vision Pro, and iPad Pro models.
Subscribe to the MacRumors YouTube channel for more videos.
We've rounded up our coverage and highlighted the main feature changes for each device below.
MacBook Pro
M5...
Apple plans to cut production of the iPhone Air amid underwhelming sales performance, Japan's Mizuho Securities believes (via The Elec).
The Japanese investment banking and securities firm claims that the iPhone 17 Pro and iPhone 17 Pro Max are seeing higher sales than their predecessors during the same period last year, while the standard iPhone 17 is a major success, performing...
Apple on Wednesday updated the 14-inch MacBook Pro, iPad Pro, and Vision Pro with its next-generation M5 chip, but previous rumors have indicated that the company still plans to announce at least a few additional products before the end of the year.
The following Apple products have at one point been rumored to be updated in 2025, although it is unclear if the timeframe for any of them has...
Apple today updated the Vision Pro headset with its next-generation M5 chip for faster performance, and a more comfortable Dual Knit Band.
The M5 chip has a 10-core CPU, a 10-core GPU with Neural Accelerators, and a 16-core Neural Engine, and we have confirmed the Vision Pro still has 16GB of RAM.
With the M5 chip, the Vision Pro offers faster performance and longer battery life compared...
Apple on Wednesday updated the 14-inch MacBook Pro base model with an M5 chip, and there are two key storage-related upgrades beyond that chip bump.
First, Apple says the new 14-inch MacBook Pro offers up to 2× faster SSD performance than the equivalent previous-generation model, so read and write speeds should get a significant boost. Apple says it is using "the latest storage technology," ...
The new 14-inch MacBook Pro with an M5 chip does not include a charger in the box in European countries, including the U.K., Ireland, Germany, Italy, France, Spain, the Netherlands, Norway, and others, according to Apple's online store.
In the U.S. and all other countries outside of Europe, the new MacBook Pro comes with Apple's 70W USB-C Power Adapter, but European customers miss out....
Apple's AirPods Max have now been available for almost five years, so what do we know about the second-generation version?
According to Apple supply chain analyst Ming-Chi Kuo, the new AirPods Max will be lighter than the current ones, but exactly how much is as yet known. The current AirPods Max weigh 0.85 pounds (386.2 grams), excluding the charging case, making it one of the heavier...
Apple is going to launch a new version of the MacBook Pro as soon as tomorrow, so we thought we'd go over what to expect from Apple's upcoming Mac.
M5 Chip
The MacBook Pro will be one of the first new devices to use the next-generation M5 chip, which will replace the M4 chip.
The M5 is built on TSMC's more advanced 3-nanometer process, and it will bring speed and efficiency improvements. ...
