Home » News » Tech » Apple botches fix leaving all Mac machines vulnerable to attacks: Researchers
1-MIN READ

Apple botches fix leaving all Mac machines vulnerable to attacks: Researchers

Apple botches fix leaving all Mac machines vulnerable to attacks: Researchers

Apple claimed that it had fixed the Rootpipe flaw, but the vulnerability remained and a researcher was able to exploit the flaw that opened up a path to root access.

New Delhi: Apple's incomplete fix of a major flaw in its Mac machines has left the computers vulnerable to attacks, researchers have claimed.

Earlier this month, Apple released its latest Mac OS X Yosemite and claimed to have fixed a significant backdoor named Rootpipe that was present on its computers since 2011. However, researchers have said that the tech giant botched the patch leaving the machines prone to attacks.

Former NSA staffer, Patrick Wardle, who now heads up research at security firm Synack, says that he was on a flight when he discovered he was still able to exploit the vulnerability which opened up a path to root access.

A Forbes report notes that Apple put additional access controls to stop attacks, but Wardle's code was still able to connect to the vulnerable service and start overwriting files on his Mac.

Rootpipe was brought to Apple's knowledge in October last year, however, it wasn't until April that it addressed the issue. The attack through Rootpipe requires a hacker to obtain local privileges, most likely via an exploit of other software sitting on Macs, yet Apple failed to patch the issue.

first published:April 22, 2015, 09:11 IST