Reply to post: Re: Congratulations on repeating exploits before they can be fixed

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

diodesign (Written by Reg staff) Silver badge

Re: Congratulations on repeating exploits before they can be fixed

"Congratulations on repeating exploits in detail before they can be fixed"

Apple has fixed it. You just have to upgrade to El Capitan. Don't want to upgrade? No problem, you've been warned and are aware of the risk. There's also a workaround in the story. The exploit has been public knowledge for two weeks – the bad guys already know. You should know too.

"However, the article does not Emphasise that you must first have privileged access through an app."

You've misunderstood. This exploit allows normal software – like a simple tool you've downloaded from the web – to gain root-level access without a password. Without prompting the user for a password. That's bad.

Post less.

C.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019