Yosemite is not perfect…

A Swedish guy, Emil Kvarnhammer has discovered an extremely serious vulnerability in Mac OS X Yosemite. that he calls “RootPipe”.

The fact that Mac OS X would be secured against critical vulnerabilities is a dangerous and naive attitude. As in any other complex software There are lots of bugs.

RootPipe is a vulnerability we usually call “privilege escalation” which means that you get from the admin privileges to root. It can also be seen as a “sudo bypass vulnerability.”

The vulnerability affect version 10.8.5 up to the latest one, Yosemite. But from 10.8.5 to 10.9 and Yosemite is a little different approach. There is a little difference how to do this, but the architecture is the same, and with some modifications the vulnerability could also be used in the latest Mac OS X versions.

Apple just made a big release of a new Mac OS X (Yosemite). And thats going to affect the response for the patch and will probably take a little while before Apple release a patch.

How to protect yourself against RootPipe

Create a new account on your Mac computer, assign that account admin privileges and call it Admin or similar. Log out and in to the admin account and remove admin permissions from your first account.