Just days after Apple patched the DYLD_PRINT_TO_FILE security hole with the release of OS X 10.10.5, a developer has found a similar unpatched exploit that could allow attackers to gain root-level access to a Mac.

Luca Todesco shared information (via AppleInsider) on the "tpwn" exploit on GitHub over the weekend. It affects all versions of OS X Yosemite, including OS X 10.10.5, but does not affect OS X El Capitan.

tpwnvulnerability
Todesco did not give Apple a heads up on the vulnerability before sharing it publicly, so it is not clear when Apple will release a patch for machines running OS X Yosemite. As noted by AppleInsider, it is standard procedure (and a courtesy) for security researchers and developers to provide Apple with details on vulnerabilities before publicizing them to prevent hackers from using security holes for nefarious purposes.

According to Todesco, who has also shared what he says is a third-party fix, releasing details on the exploit is no different than releasing an iOS jailbreak, but as Engadget explains, Todesco's actions have the potential to be somewhat more harmful than a jailbreak.

Those are technically true, but they downplay the practical dangers of publishing this info. Many people aren't knowledgeable enough to try third-party safeguards or deal with the possible side effects, and jailbreaks are at least intended for semi-innocuous purposes. A 'surprise' exploit for the Mac only really serves to give attackers time that they wouldn't otherwise have.

It took Apple less than a month to release OS X 10.10.5 to fix the DYLD_PRINT_TO_ACCESS vulnerability after it was first publicized, but during the time between its discovery and the launch of the fix, an exploit using the vulnerability was discovered in the wild.

Ahead of a fix for this latest vulnerability, OS X Yosemite users can protect themselves by downloading apps solely from the Mac App Store and from trusted developers.

Top Rated Comments

pepan Avatar
pepan
129 months ago
I read somewhere that he only gave Apple a few hour's notice before releasing it. He's a scumbag. And I have to say that the writer of this article is sort of a scumbag if that screenshot is the code for the vulnerability (If this is true, sorry Juli).
The screenshot is just a proof that compiling some code and running it works. However, not giving a company any chance to release a fix is something only a complete jerk would do.
Score: 10 Votes (Like | Disagree)
Rigby Avatar
Rigby
129 months ago
The screenshot is just a proof that compiling some code and running it works. However, not giving a company any chance to release a fix is something only a complete jerk would do.
Perhaps he had good reasons for doing this. For example, he might have evidence that the bug is already being exploited. If true, people can immdiately use the third-party fix he pointed to rather than waiting around for Apple to fix it. After all, they sometimes takes their sweet time ('http://krebsonsecurity.com/2011/11/apple-took-3-years-to-fix-finfisher-trojan-hole/') ...

Also, I think his comparison to jailbreaks is apt. Essentially whenever a jailbreak is released, the jailbreakers publish privilege escalation bugs and a nice demo on how to exploit them.

Finally, one should keep in mind that he could just as well have sold the exploit on the black market for a fat check instead of just publishing it and then getting called "complete jerk" as a reward ...
Score: 7 Votes (Like | Disagree)
bradl Avatar
bradl
129 months ago
Front page news, surely?

Seems that it is now a race between Apple and malware writers make use of this information.
Again, this isn't of much use unless the attacker has physical or network access to your Mac. That isn't to say that this isn't any less of a vulnerability than those they've fixed, but this one also isn't something that someone can target a Mac with remotely, and instantly have root access.

tl;dr: a lot of variables have to fall into place at the right time for this to have any major impact to a single machine.

BL.
Score: 6 Votes (Like | Disagree)
bradl Avatar
bradl
129 months ago
I read somewhere that he only gave Apple a few hour's notice before releasing it. He's a scumbag. And I have to say that the writer of this article is sort of a scumbag if that screenshot is the code for the vulnerability (If this is true, sorry Juli).
close.. the screenshot is of the code being compiled by a non-root user and executed by the non-root user, showing how the privileges are escalated to become root.

Doesn't take away the fact that the guy was an idiot for releasing this the way he did.

Funnily enough, @i0n1c has a patch that can be applied to this.

BL.
Score: 6 Votes (Like | Disagree)
mijail Avatar
mijail
129 months ago
That may be true, but developers have a set of ethics (s)he should abide by.
If you want to assign developers ethics, then I guess you should start by mentioning the OS developers' ethics (meaning, Apple's). Apple:

* doesn't offer bug bounties
* sometimes doesn't even react to the bug reports
* when there's a reaction it uses to take months or more (and still some people praise them!?)
* doesn't always acknowledge the bug reporter
* doesn't EVEN make it easy to report and track bugs

So, again, what developer ethics are you talking about?
Score: 5 Votes (Like | Disagree)
gmanist1000 Avatar
gmanist1000
129 months ago
Note that this won't be patched AT ALL until AFTER El Capitan is released most likely.

10.10.5 is the final main update to Yosemite from what I heard via Apple Developer Support. They are soley focused on El Capitan from here on out.

That may change though (because this is Apple under Tim Cook. Anything can happen) Apple might still patch this via supplemental update.
They can easily just patch it with a security update, no need for 10.10.6 or anything like that.
Score: 4 Votes (Like | Disagree)
Read All Comments

Popular Stories

iphone 16 pro ghost hand

5 Reasons to Skip This Year's iPhone 17 Pro

Thursday July 10, 2025 4:54 am PDT by
Apple will launch its new iPhone 17 series in two months, and the iPhone 17 Pro models are expected to get a new design for the rear casing and the camera area. But more significant changes to the lineup are not expected until next year, when the iPhone 18 models arrive. If you're thinking of trading in your iPhone for this year's latest, consider the following features rumored to be coming...
Read Full Article107 comments
apple tv 4k new orange

New Apple TV Expected Later This Year With These New Features

Saturday July 12, 2025 3:09 pm PDT by
A new Apple TV is expected to be released later this year, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the next Apple TV, according to rumors. Rumors Faster Wi-Fi Support The next Apple TV will be equipped with Apple's own combined Wi-Fi and Bluetooth chip, according to Bloomberg's Mark Gurman. He said the chip supports ...
Read Full Article154 comments
iPhone 17 Pro in Hand Feature Lowgo

iPhone 17 Pro Coming Soon With These 16 New Features

Friday July 11, 2025 12:40 pm PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are only two months away, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models. Latest Rumors These rumors surfaced in June and July:A redesigned Dynamic Island: It has been rumored that all iPhone 17 models will have a redesigned Dynamic Island interface — it might ...
Read Full Article
macbook pro blue green

M5 MacBook Pro No Longer Coming in 2025

Thursday July 10, 2025 12:38 pm PDT by
Apple does not plan to refresh any Macs with updated M5 chips in 2025, according to Bloomberg's Mark Gurman. Updated MacBook Air and MacBook Pro models are now planned for the first half of 2026. Gurman previously said that Apple would debut the M5 MacBook Pro models in late 2025, but his newest report suggests that Apple is "considering" pushing them back to 2026. Apple is now said to be...
Read Full Article94 comments
iphone 16 pro pro max

iPhone 17 Pro Models With BOE Displays Will Be Sold in China Only

Thursday July 10, 2025 11:59 pm PDT by
iPhone 17 Pro and iPhone 17 Pro Max models with displays made by BOE will be sold exclusively in China, according to a new report. Last week, it emerged that Chinese display manufacturer BOE was aggressively ramping up its OLED production capacity for future iPhone models as part of a plan to recapture a major role in Apple's supply chain. Now, tech news aggregator Jukan Choi reports...
Read Full Article14 comments
Apple Watch Ultra 2 Complications

Apple Watch Ultra 3: What to Expect

Sunday July 13, 2025 10:30 am PDT by
The long wait for an Apple Watch Ultra 3 is nearly over, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the Apple Watch Ultra 3:Satellite connectivity for sending and receiving text messages when Wi-Fi and cellular coverage is unavailable 5G support, up from LTE on the Apple Watch Ultra 2 Likely a wide-angle OLED display that ...
Read Full Article96 comments
apple wallet drivers license feature iPhone 15 pro

Apple Says iPhone Driver's Licenses Will Expand to These 8 U.S. States

Tuesday July 8, 2025 11:26 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Unfortunately, this feature continues to roll out very slowly since it was announced in 2021, with only nine U.S. states, Puerto Rico,...
Read Full Article
iPhone 17 Air Colors Thumb 2

iPhone 17 and iPhone 17 Air Rumored to Come in These 9 Colors

Friday July 11, 2025 12:30 am PDT by
The iPhone 17 and iPhone 17 Air will be available in a total of nine color options, according to new information coming out of Asia. The iPhone 17 Air's expected color options. According to the leaker going by the account name "yeux1122" on the Korean blog Naver, accessory manufacturers are now producing camera protector rings for the iPhone 17 and iPhone 17 Air in colors to match their...
Read Full Article37 comments