The supposed security of Mac computers has traditionally been a source of pride for Mac users and Apple themselves. Whereas anti-virus software is very close to a necessity for Windows given the number of malicious programs out there, there's usually no such requirement for Macs. There are still dangers, but comparatively few.
The wisdom behind this long-standing perception has been tested this week, with tech researchers highlighting two types of exploit that could, at worst, render a Mac completely useless.
Last month security researcher Stefan Esser revealed a 'privilege escalation' vulnerability, which could potentially cause damage to a computer while bypassing security features such as a password.
Esser wrote, "at the moment it is unclear if Apple knows about this security problem or not, because while it is already fixed in the first betas of OS X 10.11, it is left unpatched in the current release of OS X 10.10.4 or in the current beta of OS X 10.10.5."
Earlier this week, Malwarebytes revealed that one of their researchers had discovered the exploit 'in the wild' while testing an adware installer. In essence, the very exploit reported by Esser is already being used for insidious purposes.
Explaining what exactly happens, Malwarebytes wrote, "for those who don’t know, the sudoers file is a hidden Unix file that determines, among other things, who is allowed to get root permissions in a Unix shell, and how. The modification made to the sudoers file, in this case, allowed the app to gain root permissions via a Unix shell without needing a password."
Criticising Esser for not reporting the exploit to Apple before going public (although another researcher had alerted the company), the group also writes, "this is obviously very bad news. Apple has evidently known about this issue for a while now... Hopefully, this discovery will spur Apple to fix the issue more quickly."
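The sudoers change described in the Malwarebytes quote above is something a defender can check for. The following is an added example, not code from this article, Malwarebytes or Esser: a small Python audit that flags sudoers entries granting root without a password prompt. The sample file, the user name alice and the function names are constructed for illustration.

```python
import re

# Constructed sample (not from the article): a stock-looking sudoers file with
# one passwordless rule added, the kind of change the quote above describes.
SAMPLE_SUDOERS = """\
# sudoers file (constructed sample)
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(ALL) NOPASSWD: \\
        ALL
#includedir /private/etc/sudoers.d
"""

def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = n
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        yield start, buf + raw
        buf, start = "", None
    if buf:
        yield start, buf

def audit_sudoers(text):
    """Return (line, kind, detail) for entries that skip the password prompt,
    plus include directives naming further files that need the same audit."""
    findings = []
    for n, line in logical_lines(text):
        s = line.strip()
        inc = re.match(r"[#@]include(?:dir)?\s+(\S+)", s)
        if inc:  # '#include' is a directive, not a comment
            findings.append((n, "include", inc.group(1)))
            continue
        if s.startswith("#") and not re.match(r"#\d", s):
            continue  # comment; '#<digits>' is a numeric uid and stays a rule
        rule = " ".join(re.sub(r"\s#(?!\d).*$", "", s).split())
        if re.search(r"\bNOPASSWD\s*:", rule):
            findings.append((n, "nopasswd", rule))
        elif rule.startswith("Defaults") and "!authenticate" in rule:
            findings.append((n, "no-authenticate", rule))
    return findings

if __name__ == "__main__":
    for finding in audit_sudoers(SAMPLE_SUDOERS):
        print(finding)
```

Findings are most useful when compared against a known-good copy of the file, since some passwordless rules are legitimate administrative choices.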
Separately, another group of researchers have uncovered a series of vulnerabilities that could cause even more damage to Mac computers if not fixed by Apple.
The five vulnerabilities affect a Mac's firmware - the 'core' operating system of a computer that runs the likes of fans and power supplies. Researchers managed to write code for a software worm called Thunderstrike 2 that takes advantage of the vulnerabilities, and could be easily spread from one MacBook laptop to another.
Researcher Xeno Kovah told Wired that the attack is "really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware. For most users that’s really a throw-your-machine-away kind of situation."
Two of the vulnerabilities have since been patched by Apple; however, three remain. The company is believed to be making efforts to deal with the discoveries as soon as possible, and has confirmed the previously discovered privilege escalation bug will be patched in the next update.
Thunderstrike 2 is not an immediate threat to Mac users, since the researchers designed it as a proof of concept and will not be releasing it into the wild. However, it goes to show that OS X computers are very much open to exploits.
Mac enthusiasts can only keep their fingers crossed that Apple fixes the problems before somebody with more sinister motives decides to take advantage of them. Otherwise Apple fans may find themselves installing that anti-virus software after all.