The bad news is that, at least from Wardle’s perspective, Objective Development has done a poor job of publicizing the importance of the 3.6.2 update. If you use Little Snitch, you can avoid the threat of privilege escalation simply by updating the app to its latest version. Objective Development, the app developer behind Little Snitch, has already released a version of the app (3.6.2) that patches the vulnerability. The good news is that Wardle has been talking about this vulnerability for several months now. Wardle says that this particular vulnerability would allow hackers to “install a rootkit, keylogger, disable System Integrity Protection (SIP) and more.” Rootkits can allow external users to take control of a computer, keyloggers can steal passwords, banking information, and other sensitive personal data, and System Integrity Protection is the core of El Capitan’s defenses against other malware. Root privileges, of course, are dangerous for how much control they can give hackers or malicious software over a user’s machine. If exploited, the issue could allow malware programs or local users to gain root privileges on a target computer. Discovered by researcher and hacker Patrick Wardle, the vulnerability is a local escalation of privileges issue. However, according to a recent report from Threatpost, the application might be vulnerable itself. The Little Snitch app is an application firewall that is great for monitoring and controlling how the apps on your Mac can connect to and use the internet. Little Snitch Linked with Privilege Escalation on Mac OS X El Capitan
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |