Posted on 08/14/2018 12:57:01 PM PDT by Swordmaker
A security researcher uncovered a zero-day in Apple software by tweaking a few lines of code. Speaking at Defcon in Las Vegas last week, Patrick Wardle, Chief Research Officer of Digita Security, described his research into "synthetic" interactions with a user interface (UI) that can lead to severe macOS system security issues.
Synthetic events are when attackers can virtually "click" objects in order to load code without user consent. If a threat actor is able to "click" a security prompt and load a kernel extension, this could lead to the full compromise of an operating system.
"Via a single click, countless security mechanisms may be completely bypassed," the researcher says. "Run untrusted app? click ...allowed. Authorize keychain access? click ...allowed. Load 3rd-party kernel extension? click ...allowed. Authorize outgoing network connection? click ...allowed."
While some users may stop these kinds of attacks when a warning dialogue appears, Wardle says that it is possible to synthetically generate clicks silently and in an invisible way -- a concept which the researcher says results in "everything pretty much go[ing] to hell."
The vulnerability at the heart of the issue is CVE-2017-7150, a bug impacting modern versions of Apple macOS software before version 10.13.
(Excerpt) Read more at zdnet.com ...
Once that is done, then, yes, it will work, because the two lines of kernel code have been altered.
Gee, who would have guessed if you ALTER THE KERNEL YOU CAN REMOTELY COMPROMISE THE COMPUTER! DUH!
LOL Color Swordmaker not impressed.
I can completely destroy any system by breaking into the premises and smashing it with a hammer.
Not to mention it’s only exploitable on older versions of OSX...
If you want on or off the Mac Ping List, Freepmail me.
Thanks to the Battman for the heads up.
Yup. . . .
what do you recommend for MacBook pro software protection/malware protection?
No updates on my Mac.
That looks like a correct assessment.
Attacker needs to get inside the computer plus have superuser access.
Same as Unix.
Give someone superuser access and manage to get inside the computer with a virus, you can do just about anything.
Bingo!
Man, so-called tech journalists (urinalists) will do anything, ANYTHING, to write a headline with Apple, MacOS, and Vulnerability in it.
This is just saying, if you have local access, and root, you can do anything.
Allow me to echo your assessment: Well, D-UH!!
Nothing. The only people who ask that have recently come from the Windows environment. The Mac has essentially everything you need built in. You can get and run Malwarebytes from time to time, but there's no reason to run it in the background. One dirty little secret of all the commercial malware detectors is that for them to work, they MUST turn off the built-in System Defender Apple provides to let any malware IN so they can detect it!
Don’t blindly click to install every pop-up that wants you to (and enter your password).
Only install from known sources.