Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Apple closes critical system backdoor with OS X update
iTnews (AUS) ^ | on Apr 13, 2015 6:24 AM (AUS) | Russell Brown

Posted on 04/12/2015 6:27:05 PM PDT by Utilizer

Older versions left vulnerable.

Apple has fixed a major security hole that has been present in its OS X operating system since at least 2011.

The 10.10.3 update addresses the so-called "rootpipe" vulnerability, which allowed an attacker to gain the highest level of access to the computer without a password.

The vulnerability existed in checking XPC entitlements and meant a process may gain admin privileges without properly authenticating, Apple revealed.

The flaw was identified by TruSec security researcher Emil Kvarnhammer, who discovered the flaw last October and notified Apple's product security team the following day.

Kvarnhammer said a planned full disclosure date in January had to be postponed after Apple reported that a fix would require "a substantial amount of changes on their side".

Even now only the latest version of Mac OS X, Yosemite (10.10) has been fixed, leaving Mavericks and Mountain Lion users vulnerable to exploits based on the flaw.

(Excerpt) Read more at itnews.com.au ...


TOPICS: Computers/Internet
KEYWORDS: apple; itsamac; macproblem; osx
Navigation: use the links below to view more comments.
first 1-2021-4041-55 next last
This was actually discovered last year.
1 posted on 04/12/2015 6:27:05 PM PDT by Utilizer
[ Post Reply | Private Reply | View Replies]

To: Utilizer
Apple closes critical system backdoor with OS X update

Well we know what at least one hour of Rush's Monday show will be about!

2 posted on 04/12/2015 6:29:43 PM PDT by Mastador1 (I'll take a bad dog over a good politician any day!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer; Swordmaker

What are we supposed to do if our old MacBook only has lion?


3 posted on 04/12/2015 6:32:47 PM PDT by Defiant (Making Stephy a news anchor is like making an arsonist the fire chief.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Defiant

You might try one of the previous versions of Linux Mint with the Cinnamon or Gnome desktop. Depending upon how much memory your machine has you might like that OS much better. I believe ver13 LTS (Long Term Support) might be compatible but you should probably look for yourself before committing.


4 posted on 04/12/2015 6:38:26 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Defiant
What are we supposed to do if our old MacBook only has lion?

Go down to the Apple store and fork over $2000 for a new one?

(mandatory Crapple pic)
Image and video hosting by TinyPic

5 posted on 04/12/2015 6:43:01 PM PDT by Scutter
[ Post Reply | Private Reply | To 3 | View Replies]

To: Mastador1

Be thankful it ain’t foot ball season as well


6 posted on 04/12/2015 6:46:03 PM PDT by al baby (Hi Mom)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Utilizer
You might try one of the previous versions of Linux Mint with the Cinnamon or Gnome desktop. Depending upon how much memory your machine has you might like that OS much better.
That's not a bad idea to salvage some life out of an old Mac, but I seriously doubt your average user is going to prefer any flavor of Linux over OS-X. Much as I rag on Apple for their overpriced products and their base of slavishly devoted, often irrational, fan-boys, they do have a really polished and nice OS.
7 posted on 04/12/2015 6:46:25 PM PDT by Scutter
[ Post Reply | Private Reply | To 4 | View Replies]

To: Utilizer

I use Linux Mint every day in my software development job and I love it. It works exactly the way I need it to work and I’m able to deliver the work artifacts on time without annoying operating system issues. I have been a Linux user and programmer since 1996 and Mint is the best OS for laptop work IMHO. For server deployments it’s Redhat, Ubuntu, or zLinux for us. So I appreciate your recommendation to load Linux Mint, and i heartily second it.


8 posted on 04/12/2015 6:51:38 PM PDT by gcraig (Freedom is not free)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Scutter

You’d be surprised. The modern Gnome desktop, and the new Cinnamon are pointed more towards the eye-candy crowd, and I have indeed steered some clients away from the default mac OS’s they normally run and over to Linux because of the way the two desktops look. Plus, they really are for the most part plug-and-play, or turn-on-and-go, if you want to get literal about it.

Not to mention it’s all free along with the newer versions and security upgrades. Add to the fact that OS-X is a ‘nix-based OS and many versions of Linux are quite similar to what they already are familiar with on their machines. :)


9 posted on 04/12/2015 7:01:26 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Utilizer

Isn’t that headline a tad homophobic?


10 posted on 04/12/2015 7:01:43 PM PDT by Sherman Logan
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sherman Logan

FR requires all Thread Titles be posted exactly as they appear at the article(s) referenced.

I’m the messenger, not the writer mate.


11 posted on 04/12/2015 7:05:29 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Utilizer

That was a joke, or, more accurately, an attempt at one.


12 posted on 04/12/2015 7:09:35 PM PDT by Sherman Logan
[ Post Reply | Private Reply | To 11 | View Replies]

To: Sherman Logan

My fault. I forgot to add the smiley in the post. :)

Cheers!


13 posted on 04/12/2015 7:10:56 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Mastador1

“Well we know what at least one hour of Rush’s Monday show will be about!”

Someone on this had mentioned that Apple is paying Rush to push their products, but they OBVIOUSLY cannot disclose that publicly.

At first I didn’t believe him, then it made a lot sense to me considering how he just goes on and on about their products...


14 posted on 04/12/2015 7:13:36 PM PDT by BobL (REPUBLICANS - Fight for the WHITE VOTE...and you will win (see my home page))
[ Post Reply | Private Reply | To 2 | View Replies]

To: gcraig

I actually recommend Mepis Linux for its wide range of machines and hardware it is compatible with, and its stability.

I run different versions depending upon the task each machine is set to though, and am running Mint with the KDE desktop on the main machines.

See below for related link:

http://freerepublic.com/focus/f-chat/3278155/posts


15 posted on 04/12/2015 7:14:30 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Scutter

Yeah right....as if that company in Seattle has ever supported anything they put out...XP ,Vista ,7 ????

Complain all you want but my Apple products continue to work while associates microsft stuff is dying from crapola viruses and malware all the time....plus my 4 year old Macair is doing very nicely compared to a bunch of the laptops out there (I have had and enjoyed this for four years with an i5 cpu and 4 Gb of ddr go ahead and price that out today for your windows machines and you will still be running 5 to 6 hundred)


16 posted on 04/12/2015 7:17:45 PM PDT by Nifster
[ Post Reply | Private Reply | To 5 | View Replies]

To: gcraig

And Linux is the operating system that developers like....not every one is a developer.Some folks are just tool users


17 posted on 04/12/2015 7:19:04 PM PDT by Nifster
[ Post Reply | Private Reply | To 8 | View Replies]

To: Utilizer

The CEO of Apple is gay, so I guess the open backdoor is a “feature”.


18 posted on 04/12/2015 7:21:22 PM PDT by smokingfrog ( sleep with one eye open (<o> ---)
[ Post Reply | Private Reply | To 11 | View Replies]

To: smokingfrog

OK, that one made Me LOL. *grin*

Thanks for the laugh -first one today! :)


19 posted on 04/12/2015 7:23:40 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 18 | View Replies]

To: smokingfrog

You will note, now, that this is also called a “rootpipe” vulnerability.

*snicker*


20 posted on 04/12/2015 7:33:18 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 18 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-55 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson