Apple has yet to patch up a zero-day vulnerability in Mac OS X Yosemite and Mavericks discovered by a teenager last week.
Threat Post reports that the kernel-level flaw uncovered by Luca Todesco, an 18-year-old security researcher, remains active in both versions of OS X but it has reportedly been addressed in OS X El Capitan Beta.
The exploit discovered by Todesco, known as tpwn, fuses together two vulnerabilities that affect the memory processes in OS X 10.9.5 through 10.10.5 at kernel level that get past existing mitigations.
Once a hacker gains access to a machine that is vulnerable they have root-level access, although a successful attack only occurs when a user executes a malicious application or file downloaded from the internet.
Patch possibly coming soon
There is one way to mitigate the threat, according to a Github post by Todesco, which is to run the SUIDGuard tool developed by Stefan Esser that ultimately makes it difficult for attackers to run kernel-level exploits.
It's widely reported that Apple is working on a solution to fix the OS X exploit in the form of a patch that is currently being tested. It's unlikely that it will be a problem in OS X El Capitan when it arrives at some point in the coming months.
Article continues below