Researchers appear to have discovered a serious zero-day vulnerability in Apple's OS X 10.10 (Yosemite) operating system that could allow attackers to install malware and adware on a target Mac without the need for administrative privileges.
Malwarebytes announced the finding on August 3, 2015; the attack is called a DYLD_PRINT_TO_FILE exploit. The zero-day vulnerability affects the current stable version of Mac OS X 10.10 (build 10.10.4), as well as the recent Beta build of OS X 10.10.5 Yosemite, and was discovered by Adam Thomas while testing a new adware installer.
Mr. Thomas reports that he discovered the zero-day security vulnerability in Mac OS X 10.10.4 Yosemite while testing a new adware installer that had modified his sudoers file, so that anyone can install anything on the target Mac without needing the user's consent or any other system password.
Hackers can take advantage of this zero-day vulnerability, which is actually related to some error logging features introduced in Mac OS X 10.10.4, to install adware like MacKeeper, VSearch, and Genieo. Check out the attached screenshot to see how the sudoers file was modified by the adware installer.
"Then the script uses sudo's new password-free behavior to launch the VSInstaller app, which is found in a hidden directory on the installer's disk image, giving it full root permissions, and thus the ability to install anything anywhere. (This app is responsible for installing the VSearch adware.)," says Thomas Reed on behalf of Malwarebytes.
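One way to check a Mac for the kind of change described above, a sudoers rule that lets sudo run without a password. This is an added example, not code from Malwarebytes or from the original article; the sample entries and user names are constructed, and the parser covers only common rule syntax (it does not follow `#include` directives).

```python
import re
# Constructed sample, NOT the entries written by the installer described above.
SAMPLE = """\
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(ALL) NOPASSWD: ALL
bob     ALL=(root) NOPASSWD: /usr/bin/softwareupdate, \\
        PASSWD: /sbin/reboot
Defaults:carol !authenticate
"""
TAG = re.compile(r"\s*([A-Z_]+)\s*:\s*")

def logical_lines(text):
    """Yield (first_line_no, rule) with continuations joined and comments dropped."""
    buf, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        start = start or n
        buf += raw.rstrip()
        if buf.endswith("\\"):
            buf = buf[:-1] + " "
            continue
        line, lineno, buf, start = buf.strip(), start, "", 0
        if line and (not line.startswith("#") or re.match(r"#\d", line)):  # '#501' is a uid
            yield lineno, line

def audit(text):
    """Return [(line_no, kind, detail)] for rules that skip sudo's password prompt."""
    findings = []
    for lineno, line in logical_lines(text):
        if line.startswith("Defaults"):
            if "!authenticate" in line:
                findings.append((lineno, "defaults-no-auth", line))
            continue
        if "=" not in line or re.match(r"\w+_Alias\b", line):
            continue
        who, rhs = line.split("=", 1)
        rhs = re.sub(r"\([^)]*\)", "", rhs)  # drop Runas specs such as (ALL)
        nopass = False  # a tag applies to later commands until overridden
        for item in rhs.split(","):
            while (m := TAG.match(item)):
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    nopass = m.group(1) == "NOPASSWD"
                item = item[m.end():]
            if nopass and item.strip():
                kind = "nopasswd-all" if item.strip() == "ALL" else "nopasswd-cmd"
                findings.append((lineno, kind, f"{who.split()[0]} -> {item.strip()}"))
    return findings

if __name__ == "__main__": print(audit(SAMPLE))
```

Run `audit()` on the text of `/etc/sudoers` (readable only by root) and review any `nopasswd-all` or `defaults-no-auth` entry you did not create yourself.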
Mac OS X 10.11 El Capitan is not affected
While there's nothing you can do to stop a skilled hacker from installing malware and adware on your Mac running the latest stable or Beta version of OS X 10.10 Yosemite, there's some good news for those who are using Mac OS X 10.11 El Capitan Beta builds, as it appears that they're not affected. Until Apple fixes the security flaw, here's how you can protect yourself from malware and adware.