It was discovered a vulnerability in OS X that makes it possible to install software without the user’s consent . The flaw, discovered by Adam Thomas, a researcher of the company Malwarebytes, has already been exploited by producers of malware.
With an installer of adware (software types that put advertisements) are able to edit the file Configuration sudoers , a hidden file of Unix that also manages some root permissions in Unix shells. Editing the sudoers hackers can install applications without asking the user for a password.
A new bug allows silent installation of adware
The flaw lies in the DYLD_PRINT_TO_FILE , a new system of registration errors of the latest versions of OS X. With a script you can install the adware VSearch without asking for your password.
The researcher who discovered the vulnerability has explained that it is present in OS X 10.10.4 but not in the new OS X 11.10 El Capitan , the new version of the desktop operating system now reached beta 6.
ALL RIGHTS RESERVED © Copyright OVERPRESS
No comments:
Post a Comment