• Privacy Policy

News & Promotions

What's going on in your world?

  • Automotive
  • Entertainment
  • Education
  • Financial
  • Health
  • Home Builder
  • Humor & Memes
  • Insurance
  • Parenting
  • Restaurants
  • Shopping
    • Coupons
    • Special Offer
  • Sports
  • Technology
  • Travel
    • Transportation
    • Weather
  • Mobile Apps
You are here: Home / Technology / Hackers Exploit Flaw in Apple’s OS X to Install Adware

Hackers Exploit Flaw in Apple’s OS X to Install Adware

August 4, 2015 By Ellen Smith

A security flaw in an operating system is dangerous, but a security flaw that’s being actively exploited in the wild, and for which there is no official fix, is much more problematic. That’s exactly what’s happening to Apple’s latest version of OS X, according to security company Malwarebytes.

An OS X security flaw detailed in July by security researcher Stefan Esser allows an attacker to install software on a user’s computer without permission or password. Now, Malwarebytes researcher Thomas Reed has encountered an exploit that takes advantage of this flaw, installing VSearch and Genieo adware as well as MacKeeper junkware — in short, software that you don’t want on your computer, ever.

The exploit takes advantage of a vulnerability in an environment variable DYLD_PRINT_TO_FILE in OS X 10.10.x, which is normally used for error logging. According to Esser, the vulnerability has been fixed in the OS X 10.11 beta versions, but is not fixed in the current version — OS X 10.10.4 — nor in the 10.10.5 beta version.

Reed claims Esser’s behavior was irresponsible, as he publicly revealed the flaw without notifying Apple first. And while Esser created his own software that he claims fixes the issue, Reed advises against using it.

“There is no good way to protect yourself, short of installing Esser’s software to protect against the very flaw that he released into the hands of hackers worldwide, which introduces some serious questions about ethics and conflict of interest,” he wrote in a blog post.

We’ve contacted Apple about the issue and will update the article when we find out more.

 

Source link

Filed Under: Technology

Please Follow & Like Us :)

Facebook
Facebook
fb-share-icon
Twitter
Visit Us
Follow Me
Tweet
RSS

Recent Posts

Colonial Pipeline reportedly paid millions for slow-ass decryption software

When it comes to ransomware, you don't always get … [Read More...]

Advanced tax strategies for startup founders

Peyton Carr is a financial advisor to founders, … [Read More...]

Here’s How To Add Pronouns To Your Instagram Profile In A Few Simple Steps

Instagram is making it so much easier to share … [Read More...]

Copyright © 2023 · News & Promotions, 538 W. 21 St. #91289 Houston, TX 77008-3642 · All rights reserved · Unsubscribe · Log in

Go to mobile version