OS X 10.10.5 is largely a security update, as it includes patches for issues that have already been publicly disclosed.
Advertisement
Todesco recommended users install Esser’s SUIDGuard to protect against unpatched privilege-escalation flaws.
Luca Todesco, the teen in question, posted the details of the exploit he developed on GitHub.
As Todesco explained to MacWorld, “The memory corruption condition can then be used to circumvent kernel address space layout randomization (kASLR), a defensive technique designed to thwart exploit code from running”.
Following yesterday’s misfire on the public beta channel, Apple has released OS X El Capitan Beta 7 (build 15A263e) to developers. “If you do not have OS X 10.11 installed, use your download code on the Mac App Store to get started”, reads the new entry on the Apple Developer website.
It’s highly likely that today’s release comes loaded with the same patches and changes which Apple implemented in the sixth developer beta of OS X El Capitan, so users shouldn’t be too surprised to see little to no changes at all in this Public Beta build.
This exploit was discovered just after the latest patch that Apple released last week to prevent attackers and miscreants from loading programs onto computers through remote access. It’s unlikely that it will be a problem in OS X El Capitan when it arrives at some point in the coming months. He said that he’d notified Apple of the issues a few hours before publishing them.
Advertisement
Another big security flaw in OS X Yosemite has been discovered, but instead of telling Apple first, the guy who found it posted his findings on the Internet.
