New macOS bug allows for full system compromise – if attacker has physical access

Another hole has been found in macOS, with the flaw being revealed by a security researcher (or ‘hobbyist hacker’, as his Twitter profile notes) as the New Year rolled around – hardly the start to 2018 Apple would have wanted.

The researcher who goes by the name of Siguza said that the zero-day flaw seems to have been present in Apple’s desktop operating system since as far back as 2002.

It allows any user to gain full control of a Mac computer, but not remotely – an attacker will need physical access to the machine in question. In that case, they can use this local privilege escalation bug to get root permissions and execute arbitrary code, as reports.

Furthermore, the exploit isn’t very sophisticated or stealthy, and will log the user out. Siguza observed: “Needs to be running on the host already (nothing remote), achieves full system compromise by itself, but logs you out in the process.

“Can wait for logout though and is fast enough to run on shutdown/reboot until [macOS] 10.13.1. On 10.13.2 it takes a fair bit longer (maybe half a minute) after logging out, so if your OS logs you out unexpectedly… maybe pull the plug?”

Embarrassing episode

Note that this vulnerability apparently affects all versions of macOS, and while it may not be particularly sophisticated, it’s still worrying. Particularly coming after the much-publicized login bug in High Sierra which emerged last November, although that was an entirely more embarrassing affair given how basic the security flaw was (you could log onto any Mac simply by using ‘root’ as the username, with nothing in the password field).

Clearly, though, this is the last thing Apple needed to kick-off 2018 with. Even if it is a rather clunky exploit which requires physical access to the PC in question, it still allows for a full system compromise – and most worryingly it’s a bug which has apparently been present in Apple’s desktop OS for a decade and a half, or thereabouts.

Apple is working on a patch right now, according to the report, so we should hopefully see that come through the pipeline pretty sharpish.

  • A couple of Apple’s MacBooks make our list of best laptops

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).