Hackers are exploiting a serious zero-day vulnerability in the latest version of Apple's OS X so they can install adware applications without requiring victims to enter system passwords, researchers said. As Ars reported last week, the privilege-escalation bug stems from new error-logging features that Apple added to OS X 10.10. Developers didn't use standard safeguards involving additions to the OS X dynamic linker dyld, a failure that lets attackers open or create files with root privileges that can reside anywhere in the OS X file system. It was disclosed last week by security researcher Stefan Esser. On Monday, researchers from anti-malware firm Malwarebytes said a new malicious installer is exploiting the vulnerability to surreptitiously infect Macs with several types of adware including VSearch, a variant of the Genieo package, and the MacKeeper junkware. Malwarebytes researcher Adam Thomas stumbled on the exploit after finding the installer modified the sudoers configuration file. In a blog post, Malwarebytes researchers wrote:
[...] The real meat of the script, though, involves modifying the sudoers file. The change made by the script allows shell commands to be executed as root using sudo, without the usual requirement for entering a password.
(Score: 2) by zeigerpuppy on Wednesday August 05 2015, @11:55PM
OS X certainly seems to be leaking more data with each new version.
I still run Mountain Lion and Mavericks for this reason.
Little Snitch is a must have for OS X and it reveals a lot of calling home in later versions. So much so that with any sane firewall policy it breaks Yosemite pretty bad. That and the fuck up that prevents global variables from command line (breaking heaps of macports apps)