Sudo bug also found to affect macOS
Apple has not patched the vulnerability yet
A vulnerability found last week that was originally thought to only affect the Linux and BSD operating systems is now believed to impact macOS as well. The security flaw, tracked as CVE-2021-3156, affects Sudo, an app used by administrators to grant root access to other users.
The sudo vulnerability was discovered by researchers at cybersecurity firm Qualys, who detailed how the bug could be used to carry out privilege escalation attacks. By triggering a “heap overflow,” in the app, it becomes possible to change a user’s low-privilege access to that of a root-level user. This is possible either by planting malware on a device or carrying out a brute force attack on a low-privilege sudo account.
Now, British security researcher Matthew Hickey has noted that the most recent version of macOS contains the Sudo app. He discovered that, with a few minor modifications, the CVE-2021-3156 vulnerability was effective on macOS devices.
- We've built a list of the best endpoint protection software around
- Check out our roundup of the best malware removal tools
- Also, these are the best ransomware protection services on the market
Patched or not
Hickey’s findings have been independently verified by other security experts but have reportedly not yet been acted upon by Apple itself. Hickey has said that Apple has been informed of the issue but no patch was included in the most recent security update released earlier this week.
Qualys researchers have determined that the sudo vulnerability has been exploitable for more than a decade but attacks are much more likely to occur now the flaw has been publicly disclosed. Fortunately, CVE-2021-3156 has been patched for the operating systems that it was originally discovered to be affecting.
Users can also test if their system is vulnerable to the sudo vulnerability by running the command “sudoedit -s /”. If the system remains vulnerable, it will respond with an error message starting with “sudoedit:” while a patched system will respond with an error that starts with “usage:”.
- We've also highlighted the best antivirus
Via ZDNet
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.