Security 10745 Published by

Techradar posted a story that Apple Mac owners have come under attack from a zero-day vulnerability that has the potential to be exploited without needing the system password



Worryingly, researchers from Malwarebytes have found a new installer that is exploiting this problem to infect Macs with the VSearch adware and the worst part about it is that attackers don't need a password to gain root permissions via a Unix shell.

Apple failed to patch up the flaw in the current 10.10.4 version of OS X, according to Stefan Esser, a security researcher, or a beta version of 10.10.5 tested by the same researcher, although the exploit doesn't work against 10.11, indicating Apple developers are working to eradicate it.Wait for Apple's patchRidding your machine of the bug is currently quite difficult.
  Mac OS X vulnerable to new zero-day attack