OS X Vulnerability Can Allow Superuser Access to Unauthorized Users
Users looking to exploit a vulnerability in the Sudo Unix command, originally reported back in March, have received some assistance, reports Ars Technica.
The developers of Metasploit, software that makes it easier to misuse vulnerabilities in operating systems and applications, have added the Sudo vulnerability to their software suite. All versions of OS X from OS X Lion 10.7 through the current Mountain Lion 10.8.4 remain vulnerable.
Mac users should realize that an attacker must satisfy a variety of conditions before being able to exploit this vulnerability. For one, the end-user who is logged in must already have administrator privileges. And for another, the user must have successfully run sudo at least once in the past. And of course, the attacker must already have either physical or remote shell access to the target machine. In other words: this exploit can't be used in the kind of drive-by webpage attacks that last year infected some 650,000 Macs with the Flashback malware. This doesn't mean it's a non-issue though, since the exploit can be used in concert with other attacks to magnify the damage they can do.
Most of the recent exploits in Mac OS X have been related to Java, which Apple completely blocked earlier this year over security vulnerabilities, though Apple did release a standalone malware removal tool to help clean machines that were affected by a number of Java vulnerabilities.
OS X has been targeted more in recent years as it has gained in popularity. The Janicab.A malware was discovered last month, while another program called macs.app was discovered in May. That app captured and stored screenshots.
Popular Stories
The first iOS 18.4 beta for iPhones should be just around the corner, and the update is expected to include many new features and changes.
Bloomberg's Mark Gurman expects the iOS 18.4 beta to be released by next week.
Below, we outline what to expect from iOS 18.4 so far.
Apple Intelligence for Siri
Siri is expected to get several enhancements powered by Apple Intelligence on iOS...
Apple is set to "significantly change" the iPhone's design language later this year, according to a Weibo leaker.
In a new post, the user known "Digital Chat Station" said that the iPhone's design is "starting to change significantly" this year. The "iPhone 17 Air" reportedly features a "horizontal, bar-shaped" design on the rear, likely referring to an elongated camera bump. On the other...
Apple is "exploring" the idea of showing search ads in the Apple Maps app, according to Bloomberg's Mark Gurman.
Back in 2022, Gurman said software engineering was "already underway" to display ads in the Apple Maps app, but Apple did not move forward with the idea at the time. Today, he said Apple is "giving this notion more thought" again.
This time around, he said Apple has yet to...
Apple has yet to announce any new devices this year, but that could change starting next week.
Apple CEO Tim Cook today said to "get ready" for a "launch" on Wednesday, February 19.
"Get ready to meet the newest member of the family," said Cook, in a social media post. The post includes an #AppleLaunch hashtag, along with a short video featuring an animated Apple logo inside of a circle....
A few days ago, we reported that Apple's refurbished Mac mini pricing had a problem, and it appears that Apple has taken note.
Apple was offering a refurbished Mac mini with the M2 chip, 16GB of RAM, and 256GB of storage for $559, which was $50 more than a refurbished Mac mini with the M4 chip, 16GB of RAM, and 256GB of storage. All other key specifications were equal.
That's no longer...
Apple's next-generation iPhone 17 Pro will feature three rear cameras arranged in a familiar triangular layout, but the cameras will be housed in an all-new rectangular camera bar with rounded corners, according to YouTube channel Front Page Tech.
iPhone 17 Pro camera design render created by Asher for Front Page Tech
In a video uploaded today, Front Page Tech host Jon Prosser said the camera ...
Apple appears to have enough upcoming product announcements to justify a full event this month, yet all signs indicate these reveals will be handled through a series of press releases instead.
There are a multitude of rumors from reliable sources about specific announcements in the coming weeks, so here's everything that Apple could have feasibly included in a hypothetical February event:
...
Apple CEO Tim Cook teased an Apple announcement that's coming on Wednesday, February 19, and it's looking like that mystery announcement will be the next-generation iPhone SE.
We've been hearing about the iPhone SE 4 for quite some time now, and we essentially know everything to expect. If you want a sneak peek at what's coming, read on.
Naming
Apple first introduced the iPhone SE in...