Hackers have been taking advantage of a serious zero-day vulnerability in the latest version of Apple’s OS X (Yosemite), allowing them to install malware and adware on Macs without the need of a password or administrative privileges.
Malwarebytes reported yesterday (Monday 3rd August) that one of its experts had found the first known exploit of this flaw, which was first identified by SektionEins’ Stefan Esser last month.
Adam Thomas, a threat researcher at Malwarebytes, uncovered the malicious installer while running tests on an OS X machine. Here he found something peculiar – his sudoers file had been modified without permission.
