Unpatched Code Execution Vulnerability in macOS
According to SecurityWeek, on the first day of 2018, Siguza, a researcher specializing in the Apple operating system, released details of an unpatched vulnerability in macOS. The flaw is an IOHIDFamily 0day, which he calls IOHIDeous, and it can be leveraged to take full control of a system. An attacker who has access to the system can exploit this vulnerability to execute arbitrary code and gain root privileges.
Siguza pointed out that the bugs he found affect all versions of macOS and can lead to arbitrary read/write in the kernel. The exploit he created also disables the System Integrity Protection (SIP) and Apple Mobile File Integrity (AMFI) security features. The attack is not stealthy, because it needs to force the user to log out. However, an attacker could design an exploit that triggers when the target device is manually shut down or restarted.
The PoC code provided by Siguza works only on macOS High Sierra 10.13.1 and earlier, but he believes the vulnerability can also be exploited on the latest version, 10.13.2, which Apple released on December 6. He also said that the flaw has existed since at least 2002.
Some people think that public disclosure of the vulnerability puts macOS users at risk of attack, but Siguza does not think so:
Apple had not responded to the disclosure as of the time of publication.
Reference: SecurityWeek