Last month, computer security expert Stefan Esser (Stefan Esser) reported they found dangerous vulnerability in the operating system OS X Yosemite. As it turned out, the new environment variable DYLD_PRINT_TO_FILE dynamic links dyld editor allows you to open and modify any system files without entering the administrator password, and this gap is already actively used by attackers.
Malwarebytes researcher Adam Thomas (Adam Thomas) found a script that can modify the sudoers file for root-rights without a password. Then kiberpristupniki can safely run the installer type of malware VSearch, Genieo and MacKeeper. It should be noted that a critical vulnerability is present even in a recent beta OS X Yosemite 10.10.5. More fortunate users OS X El Capitan 10.11, which deals with a bug has already been fixed.
Partly DYLD_PRINT_TO_FILE designed to record error messages to the specified file instead of the standard stream stderr. However, the developers of the operating system did not care about safety precautions, playing into the hands of attackers.
Recently, it was also reported on the development of the bootkit Thunderstrike 2 capable imperceptibly infect your Mac.