ALERT—A Mac Bug Is Cause For Concern


August 30, 2013

MAC Security BugA bug in the Mac OS X was uncovered five months ago and is now of renewed concern. It gives hackers almost unlimited access to files when they alter clock and user timestamp settings.

All versions of OS X from 10.7 through 10.8.4 are at risk of being hacked.

Ars Technica reports that this bug is now a real concern because of a new testing module in Metasploit, which can make it easier for hackers to exploit Mac OS X vulnerabilities. Metasploit is an open-source framework that makes it easier for security researchers to penetrate and test networks. Although it’s a useful tool for locating and correcting flaws, it can also be used by cybercriminals to exploit a Unix component called sudo.

Sudo requires a password before “Superuser” privileges are granted.  The flaw is in the authentication process where the clock in the Mac OS X can be set back to Jan 1, 1970, (the beginning of time for the machine) and alter the sudo-user timestamp settings. As a result hackers can obtain root access without using a password.

A post on the Common Vulnerabilities and Exposure (CVE) page explains further:

“sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.”

The good news is that for hackers to exploit this flaw, they must have administrator privileges, and have previously run the sudo.  They also need physical or remote access to the device.

According to HD Moore, the Founder of Metaspoit:

“The bug is significant because it allows any user-level compromise to become root, which in turn exposes things like clear-text passwords from Keychain and makes it possible for the intruder to install a permanent rootkit.”

We're Integris. We're always working to empower people through technology.

Keep reading

Benefits of a NIST Cybersecurity Framework Risk Assessment

The National Institute of Standards and Technology (NIST) released the cybersecurity framework risk assessment in 2014. It is an impressive and detailed resource that allows a wide range of industries to better manage and understand their cybersecurity efforts. Many...

Information Technology Consulting Firms: Tips for Common IT Problems

When you run a business, you will run into standard information technology (IT) issues. Security breaches, broken technology, lost data, and forgotten login information will happen in only a matter of time – which is why it’s crucial to have information technology...