UPDATED 21:13 EST / MARCH 04 2019

Massive macOS vulnerability exposed by Google security researchers

It’s often claimed that Apple Inc. products are safe from hacking, but even though that has been proven to be false time and time again, a new vulnerability has emerged that suggests threats have graduated from a soldier with a gun to a B-52 dropping a large bomb.

Discovered by Google LLC’s Project Zero security arm in November but only published now, the “high severity” flaw in the macOS kernel allows a hacker to access a computer without the user’s knowledge. The vulnerability allows an attacker to modify a mounted disk image, then get the Mac to run the modified code by exploiting macOS’s memory management system.

As VentureBeat pointed out, the severity is so high because “users mount disk images all the time, yet macOS doesn’t re-check the images when it automatically purges and reloads content in the course of managing its limited memory.”

“This copy-on-write behavior works not only with anonymous memory, but also with file mappings,” Google’s security researchers explained. “This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem.”

Casey Ellis, chief technology officer and founder of Bugcrowd Inc., told SiliconANGLE the disclosure will pressure Apple to issue a fix as quickly as possible. It also will likely put pressure on the company to extend its existing iOS bug bounty program to macOS devices, he said.

This isn’t the first time the lack of a bug bounty for macOS has been in the news. An 18-year-old German security researcher exposed a macOS bug in February while claiming that he refused to work with Apple because of the lack of a bug bounty program for the operating system.

“In the meantime, macOS users may be at risk from malicious use of the details that Google’s Project Zero have released,” Ellis said. “The scope of potential ways to exploit this vulnerability is so broad that there isn’t any practical advice I can provide to avoid it while it’s unpatched. Mac OS X users should enable automatic updates on their Apple devices to ensure that a patch is installed as soon as Apple release it, and this advice goes in general for all personal systems.”

Photo: U.S. Department of Defense
