ESET antivirus opens the door to attack on macOS

Hacker News:

What could be more exciting for hackers than exploiting a vulnerability in a widely used software without having to struggle too much?

One such easy-to-exploit, but critical vulnerability has been discovered in ESET’s antivirus software that could allow any unauthenticated attacker to remotely execute arbitrary code with root privileges on a Mac system.

The critical security flaw, tracked as CVE-2016-9892, in ESET Endpoint Antivirus 6 for macOS was discovered by Google Security Team’s researchers Jason Geffner and Jan Bee at the beginning of November 2016.

As detailed in the full disclosure, all a hacker needs to get root-level remote code execution on a Mac computer is to intercept the ESET antivirus package’s connection to its backend servers using a self-signed HTTPS certificate, put himself in as a man-in-the-middle (MITM) attacker, and exploit an XML library flaw.

I've said it before and I'll say it again: I have been running Macs since 1999 and have never had an antivirus product installed. Common sense goes a very long way too.

© 2020 Omsoc Publishing AB