{"id":11019,"date":"2015-04-09T17:02:13","date_gmt":"2015-04-09T21:02:13","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=11019"},"modified":"2021-07-06T16:57:24","modified_gmt":"2021-07-06T20:57:24","slug":"yosemite-only-security-fixes","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2015\/04\/09\/yosemite-only-security-fixes\/","title":{"rendered":"Yosemite-Only Security Fixes"},"content":{"rendered":"

Emil Kvarnhammar<\/a>:<\/p>\n

\n

The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges to root from any user account in the system.<\/p>\n

The intention was probably to serve the “System Preferences” app and systemsetup (command-line tool), but any user process can use the same functionality.<\/p>\n

Apple has now released OS X 10.10.3 where the issue is resolved. OS X 10.9.x and older remain vulnerable, since Apple decided not to patch these versions. We recommend that all users upgrade to 10.10.3.<\/p>\n<\/blockquote>\n

This sounds like a serious bug that Apple should fix for previous OS versions as well. Not everyone can<\/em> update to Yosemite, and some don’t want<\/em> to yet because of bugs. Mavericks was the current OS version less than six months ago. It’s too early to abandon it.<\/p>","protected":false},"excerpt":{"rendered":"

Emil Kvarnhammar: The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges to root from any user account in the system. The intention was probably to […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2021-07-06T20:57:27Z","apple_news_api_id":"52574cec-a32b-45ef-807b-7ef1c06d43fd","apple_news_api_modified_at":"2021-07-06T20:57:27Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/AUldM7KMrRe-Ae37xwG1D_Q","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[131,2095,30,903,211,17,475,48],"class_list":["post-11019","post","type-post","status-publish","format-standard","hentry","category-technology","tag-bug","tag-exploit","tag-mac","tag-mac-os-x-10-10-yosemite","tag-lion","tag-mountainlion","tag-mavericks","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=11019"}],"version-history":[{"count":3,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11019\/revisions"}],"predecessor-version":[{"id":11022,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11019\/revisions\/11022"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=11019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=11019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=11019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}