A severe vulnerability was recently discovered in Apple’s operating systems, and it reportedly affects all iOS and OS X devices. The flaw would allow elevation of privileges for malicious code and bypassing of Apple’s security features.
The flaw was discovered by Pedro Vilaça, a security researcher for SentinelOne, and was reported to Apple back in December of last year. It exploited the way some special binaries and tasks act in iOS and OS X and allowed an attacker to bypass Apple’s System Integrity Protection (SIP) feature. This latter technology limits the ability of a root account to access protected parts of iOS and OS X. But some programs, like the ones that update your device’s operating system retain privileges – and its these that are exploited by this flaw which is then allowed to run arbitrary code on the device and bypass SIP.
The researcher said that this flaw could be exploited as part of a so-called “bug chain”, where successive security flaws are used to penetrate deeper into the OS. According to him, this exploit would eventually allow an attacker to not only run arbitrary code but also load unsigned kernel code. This essentially means the device is fully compromised. Vilaça explained at a security conference that the exploit is “100 percent reliable and stable [...] it does not crash machines or processes”.
The good news is that it doesn’t seem to have been used in the wild – but that’s not a hundred percent certain, and as Vilaça notes, it’s exactly the type of exploit a nation-state or intelligence agency would use.
Luckily, the vulnerability which was recently disclosed by Google’s Project Zero, has been patched as of iOS 9.3 and OS X El Capitan 10.11.4. In other words, this is another big reason for you to upgrade to the latest version of your operating systems.
Source: Project Zero, ZDnet | iPhone restore image via Shutterstock