Details on the#rootpipeexploit will be presented, but not now.
Let’s just give Apple some time to roll out a patch to affected users.
The backdoor has the working title RootPipe and was discovered by chance.
Millions of Apple computers worldwide may be affected.
Hackers can gain the highest possible access over your box.
Then they are free to install software or make changes to your system without you noticing anything.
This can lead to your passwords, pictures, emails or bank account information getting hijacked.
I wanted to show a flaw in Mac OS X, but relatively few have been published.
He tested the vulnerability on version 10.8.5 of the OS and got it to work, he says.
Then he tried on 10.9 but with no luck.
I was a bit dejected but continued to investigate, Emil said.
There were a few small differences [in later releases] but the architecture was the same.
In this case, Apple had migrated and moved some functions, but basically the same flaws remained.
However, rootpipe circumvents this, he says.
However there was a flurry of correspondence with Apple asking for more details.
Emil said, The current agreement with Apple is to disclose all details in mid-January 2015.
This might sound like a long wait, but hey, time flies.
Its important that they have time to patch, and that the patch is available for some time.
Meanwhile here is a video of his initial findings released by Emil :
Read More
source: www.techworm.net
