View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Apple looks to fix DYLD bug in Mac

Company criticized for not taking enough security measures.

By CBR Staff Writer

Apple is trying its best to fix the DYLD bug, which provides deep access to affected machines and has been spotted infecting computers.

The company is expected to fix the bug in its next security update, Desktop OS X 10.10.5.

However, the initial beta of the updated OS did not provide fixes for the bug, which ignited speculation that the company will not fix it until the Autumn, when its next El Capitan OS is expected to be released.

Mac OS X 10.10.4. has partially patched a second bug ‘Thunderstrike 2’ which allows hackers to use a malicious webpage to overwrite a computer’s firmware.

Thunderstrike 2 can create a worm that can spread from one system to the other without human intervention.

In TidBITS news site, Mac security expert Rich Mogull said: "In this case, an infected computer will infect something known as the option ROM on any vulnerable Thunderbolt device that’s attached. Then that device can infect any computer it’s connected to, and so on.

"Yes, it’s a worm, and that’s the most interesting part of the research.

Content from our partners
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer
Financial management can be onerous for CFOs, but new tech is helping lighten the load

"But especially with the new patch in place, and the generally limited use of Thunderbolt, it would be hard for even a malicious version of this attack to spread very far."

Apple has taken steps to prevent further exploitation of the vulnerability by revoking the credentials of developers who use it, reported The Guardian.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy Policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.