A Swedish white-hat hacker has discovered a serious vulnerability in OS X Yosemite that may extend to previous Mac operating systems as well, reports The Hacker News’ Mohit Kumar.
Rootpipe allows intruders with direct access to gain administrator-level privileges on Macs running OS X Yosemite, Mavericks, or Mountain Lion without a password.
The security flaw gives attackers the opportunity to steal information, install malicious programs, or erase users’ hard drives.
Kvarnhammar, for his part, appears to be waiting for Apple to patch Rootpipe before saying much about it:
Rootpipe has probably been around since at least 2012, according to Swedish tabloid Aftonbladet.
Apple has not publically acknowledged the security flaw and is expected to patch it in mid-January 2015, reports ZDNet.
We’ve reached out to Apple for comment and will update this post if we hear back.