I just wanted to notify our readers interested in OS X security about a new finding that Patrick Wardle has made. He stated in his blog that he’s able to exploit rootpipe on a fully patched OS X 10.10.3!
If you are interested in the details of the patch Apple made, read all details in the writeup by @osxreverser here.
Check out his blog for more info (no details – responsible disclosure, remember). There are a couple of possible approaches that could work to circumvent the entitlement checks Apple added in 10.10.3. But let’s wait for a patch from Apple before we speculate more in public.
i just found today that my admin password on yosemite is changed, i can’t authenticate anymore, i hope is not related
LikeLike