18-year-old Luca Todesco has uncovered two zero-day vulnerabilities in OS X that could be exploited to remotely gain access to a computer,reports PC World.
Todesco’s exploit uses two bugs to corrupt memory found in the OS X kernel. This condition can be used to circumvent built-in safeguards against intrusions and grant the attacker access to a root shell.
His exploit code works on OS X version 10.9.5 through 10.10.5. However, Apple has already fixed the issue inEl Capitan10.11, which is currently in beta.
Todescoposted details of his findings, along with a patch for them on GitHub. He said that he’d notified Apple of the issues a few hours before publishing them.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
If you’re running any of the affected versions of OS X, you’d do well to consider Todesco’s patch; bear in mind that it’s an unofficial fix, so use it at your own risk.
We’ve contacted Apple and will update this post if we hear back.
➤Italian teen finds two zero-day vulnerabilities in OS X[PC World]
Read next:New OS X exploit breaks Keychain’s security, exposes passwords
Story byAbhimanyu Ghoshal
Abhimanyu is TNW’s Managing Editor, and is all about personal devices, Asia’s tech ecosystem, as well as the intersection of technology and(show all)Abhimanyu is TNW’s Managing Editor, and is all about personal devices, Asia’s tech ecosystem, as well as the intersection of technology and culture. Hit him up onTwitter, or write in:abhimanyu@thenextweb.com.
Get the TNW newsletter
Get the most important tech news in your inbox each week.
