Coming fix for ‘dyld’ vulnerability in OS X 10.10

You may have read of the recently disclosed ‘dyld’ privilege escalation vulnerability in OS X 10.10. This was first reported by Stefan Esser, with details here.

At that time, Ars Technica and others considered this worrying, but unexploited.

The inevitable happened, and there are now reports that this is being exploited in ‘drive-by’ attacks. At present these attacks install adware which does not require the entry of an admin password, so you could be unaware of the attack and unable to stop payload installation. However you would still need to visit a malicious website or open a malicious email to initiate the download.

Patrick Wardle reports that his security tool BlockBlock detects and can block the malicious payload in such attacks. In the immediate term, you would therefore be well advised to use this tool, if you are not already doing so.

The good news is that it looks like the forthcoming update to 10.10.5 will address this vulnerability. Let’s hope that it does, and is released soon.