Authored by a Symantec employee
Symantec has confirmed the existence of two new vulnerabilities, which are security holes in software, in Mac OS X operating systems originally discovered by Italian researcher Luca Todesco. These vulnerabilities have the potential to allow an attacker to gain remote access to a computer and control it or plant malware. In order to be exploited, the vulnerabilities need the victim to voluntarily run an application.
The vulnerabilities affect OS X versions Mavericks 10.9.5 up to Yosemite 10.10.5. Luckily, there have been no reports of these being exploited in the wild as of yet. However, since there is no official patch from Apple, cybercriminals will certainly try to take advantage of this vulnerability.
Until Apple issues a patch for the vulnerability, it is important for users to follow extra steps to ensure their security:
- Use extra caution when receiving suspicious messages from unknown senders, especially ones containing an attachment or link.
- Exercise caution and only download and install new software from trusted sources such as Apple’s App store.
- Install any security updates to OS X as soon as they become available.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.