Video: “Phoenix; RootPipe Reborn” by Patrick Wardle on Vimeo.

A former NSA staffer says that the OS X 10.10.3 update, which Apple claims fixed a significant security vulnerability, has failed to do so, Forbes reports. Patrick Wardle, who now heads up research at security firm Synack, demonstrated the vulnerability in a video (without revealing exactly how it was done) to allow Apple time to issue a further fix.

The Rootpipe vulnerability allows an attacker with local access to a Mac to escalate their privileges to root – allowing them full control of the machine – without further authentication. A second security researcher confirmed the flaw … 

Wardle said the exploit he used was “novel yet trivial,” while security researcher Pedro Vilaça said that the fix attempted in OS X 10.10.3 was doomed from the start since there were “a tonne of ways to bypass it.”

Wardle added that he had resisted the temptation to use the exploit on display models at an Apple Store, and had passed full details to Apple.

It was reported earlier today that around 1,500 iOS apps are vulnerable to man-in-the-middle attacks thanks to their use of buggy open-source networking code.


