Last month, security researcher Stefan Esser published details and proof-of-concept code of a zero-day vulnerability in OS X Yosemite that could allow a hacker to easily escalate their privileges, and take complete control over Mac computers.
Esser chose not to contact Apple about the DYLD_PRINT_TO_FILE vulnerability - which remains currently unpatched in OS X Yosemite, despite it curiously being fixed in the beta version of the next iteration of OS X, El Capitan.
Now, security firm Malwarebytes has discovered an in-the-wild attack exploiting the vulnerability, where root permission is gained on the computer without a password being needed.
Learn more:
http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
Learn more:
http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security