Mac Security Flaw “Rootpipe” puts Your Company's Data at Risk

Mac Security Flaw

Last August Emil Kvarnhammar, a consultant at a Swedish IT Security Firm TrueSec, discovered a flaw in Mac devices running OS X Yosemite, Mavericks, and Mountain Lion. Kvarnhammar has named the security flaw “Rootpipe”. He says the security flaw affects companies’ business information, data stored on all company devices, and private customer data. Any hacker who wants to exploit this security flaw can access your system and bypass your login credentials.

The Rootpipe vulnerability will give hackers access to any Mac computer without knowing the person’s password. Therefore, any hacker can circumvent the existing security measures to gain administrator-level privileges. According to Kvarnhammar this security flaw has existed since 2011. However, he only discovered the flaw last year in October.

Furthermore, according to Ars Technica, a security analytics at Source DNA claims that another security flaw in Mac devices is leaving around 1500 iPhones and iPad apps vulnerable to hackers. Technica has estimated that this crippling bug will affect over two millions users that have installed the different vulnerable apps on their devices.

If you have installed Citrix Open Voice Audio Conferencing, Movies by Flixstar with Rotten Tomatoes, Alibaba.com mobile app, KYBankAgent 3.0 and Revo Restaurant Point of Sale on any of your devices you are vulnerable to attacks. The weakness found is these apps are a direct result of the AFNetworking or open-source library. For more information how this flaw can affect you, please read Risk Assessment/Security & Hacktivism.

Rootpipe Vulnerability In Their NEW OS X Version

In April, Apple has attempted to patch the Rootpipe vulnerability in their new OS X 10.10.3 version. Unfortunately, any older versions of the OS X are still left vulnerable. According to Patrick Wardle a former NSA agent, he claims the new patch still has flaws and devices continue to remain vulnerable to attack. In his report he says that any Mac running OS X 10.10.3 or older are still affected by the Rootpipe flaw.

Just recently Apple faced another security flaw they have called “FREAK”. This new security flaw affected everything from an iPod touch to an Apple TV. All Apple devices were vulnerable to the flaw and could have their sensitive information stolen by hackers. Fortunately, Apple quickly released a few security updates to repair this flaw.

Until the Rootpipe flaw is fixed you need to protect your Mac devices used in your business. Therefore, all companies should:

  1. Stop using the default admin account on all devices. Instead, everyone needs to create a separate user account.
  2. All devices need to install and use Apple’s FileVault to keep their data encrypted.
  3. Keep all your Mac devices update and protected with Apple’s latest security updates.

Image: pixabay.com

More about: apple, security, flaws, apps, os+x, rootpipe

Recommended Posts | IT News

IT News Relevant Domain Name

Developing an IT News Relevant Domain Name

I have experience developing domain names for the purposes of resale or (flipping). The process involves purchasing a domain and then building it's presence online and then selling it for a higher profit than the initial purchasing price. What you need to forge a compelling IT News related domain ...
Advantages and Disadvantages of Shopping Online

The Advantages and Disadvantages of Shopping Online

If your a person who loves shopping online, you know that it is done right at your fingertips and at a speedy click. There is one thing that we have to understand, and that is risks of shopping online. Shopping online comes with advantages and disadvantages so here is what that might include ...
8 New Tablets

Vendor’s Release 8 New Tablets

PC shipments declined while the tablet market has grown 47 percent. In recent years tablets have invaded every aspect of people's lives. The Los Angeles has been using tablets as part of the children's learning process for the past few years. New Tablets From Samsung, Amazon, Acer, LG, Microsoft ...
Samsung Reportedly Offers to Buy BlackBerry

Samsung Reportedly Offers to Buy BlackBerry for $7.5 Billion

Samsung and BlackBerry executives discuss the takeover offer, though an official statement on the outcome of the talk has yet to be released. Both BlackBerry and Samsung have denied the alleged takeover bid and BlackBerry went so far as to publish a statement saying it is not engaged in any talks ...