Hidden ‘backdoor API’ found in versions of OS X as users urged to upgrade

System Preferences exploit

When it comes to security, there is very little rest: researchers and others continue to find ways that nefarious individuals could take advantage of generally unsuspecting users.

A new report published by AppleInsider, citing an in-depth look at a serious OS X vulnerability published by TrueSec’s Emil Kvarnhammar, describes a major flaw rooted in a previously unpublished API within OS X. This API is apparently used by system processes, including System Preferences, when privilege escalation is involved. As a result, any OS X user, whether they have admin credentials or not, can access certain elements of the system, like administrative rights, by exploiting the API.

For users running a version of OS X that has not been patched, downloading something that carries malware with the exploit code could essentially hand over their computer to someone else entirely. The attacker would have access to the computer no matter what other security precautions have been implemented.

Worse, Apple will apparently not patch versions of OS X older than 10.10, reportedly because of the complexity of the fix required:

As a result, OS X users are urged to upgrade to Yosemite version 10.10.3 as soon as possible. Apple will not patch versions older than 10.10, reportedly due to the complexity of the fix.

For users running OS X 10.10, 10.10.1, or 10.10.2, a patch for this bug is included in Security Update 2015-004.

Apple has implemented fixes for versions of OS X 10.10, 10.10.1, 10.10.2, and for the latest release, 10.10.3.

[via AppleInsider; TrueSec]