Two zero-day vulnerabilities found in Apple’s OS X by an Italian teen

An Italian teenager has discovered two zero-day vulnerabilities in Apple’s OS X that could potentially be used to gain remote access to a computer.

Luca Todesco, 18, found two bugs in the OS that can be used to corrupt memory in the OS X kernel. Once the memory is corrupted, the attacker can circumvent kernel address space layout randomisation (kASLR), a defensive technique the OS uses to keep an attacker from obtaining a root shell. Having bypassed kASLR, the attacker can gain a root shell.

The exploit works on OS X versions 10.9.5 through 10.10.5. The good news for OS X users is that the exploit has been fixed in the upcoming El Capitan update. But El Capitan is currently in beta, which means that users on the current release are still running an affected version of OS X.

The exploit was discovered just after Apple released its latest patch last week, which was meant to prevent attackers from loading programs onto computers through remote access. That patch was for a local privilege escalation vulnerability.

Todesco said that he does security research in his spare time, which was when he found this exploit. He also said that he notified Apple a few hours before publishing the exploit on GitHub.