Major exploit found in macos kernel

A security researcher in New York has been in charge of bringing to light a security problem, which is present in the kernel of the macOS operating system, and which allows complete control of the system.

macOS has a vulnerability that is 15 years old

This security problem in the kernel of the macOS operating system has an estimated age of 15 years, it is a very serious bug that allows to achieve a privilege escalation with which the attacker can gain full access to the system and execute malicious code. Apparently this vulnerability has been present since 2002, so there are millions of vulnerable computers around the world.

This local privilege escalation bug resides in IOHIDFamily, a macOS kernel extension that has been designed for Human Interface Devices (HIDs), such as a touch screen or buttons, allowing an attacker to install a root shell or execute arbitrary code in the system.

Apple responds to accusations for reduced performance of its iPhone

The exploit affects all versions of macOS and allows arbitrary read / write errors in the kernel. In addition to this, it also disables the System Integrity Protection (SIP) and Apple Mobile File Integrity (AMFI) security features that offer protection against malware.

Since the vulnerability only affects macOS and is not remotely exploitable, the researcher decided to upload his findings online instead of reporting it to Apple. Apple's error rewards program does not cover macOS errors.

"IOHIDFamily has been notorious in the past for the many race conditions it contained, which ultimately led to much of it being rewritten to use command gates, as well as large parts being blocked by rights."

"I was originally looking at its source in hopes of finding an easy-to-reach fruit that would allow me to compromise an iOS kernel, but what I didn't know then is that some parts of IOHIDFamily exist only in macOS, specifically in the IOHIDS system, which it contains the vulnerability."

Thehackernews font