Author Topic: Mac Rootpipe vulnerablility (Read 1521 times)

REDACTED · « **on:** November 06, 2014, 06:17:29 PM »

With Apple begging off until January, 2015 to release a security update to it's new Yosemite (OSX 10.10) to address the Rootpipe volnerability, how is Avast! protecting Mac users in the interim?

Apparently the general wisdom is to no sign-in to an Administrator account until the patch can come out, but is there anything Avast! is doing in the interim.

Thanks
Webrider

specimen9999 · « **Reply #1 on:** November 07, 2014, 02:26:53 PM »

1. Rootpipe is a vulnerability in OS X. A malware may take advantage of this vulnerability and when such malware becomes known by Avast! they will probably add signatures for it, however, Avast cannot protect against, or patch the vulnerability itself, only block malware that takes advantage of it (of which there isn't any known implementation, AFAIK).

2. The person who found the vulnerability as only disclosed the details with Apple, as far as I know, not with Avast (or with anyone else willing to write malware or software to guard against it).

3. Because this is a vulnerability in the OS, it's up to Apple to patch, it's up to Avast to keep track of any malware that uses it.

Author Topic: Mac Rootpipe vulnerablility (Read 1521 times)

REDACTED

Mac Rootpipe vulnerablility

specimen9999

Re: Mac Rootpipe vulnerablility