Apple is trying its best to fix the DYLD bug, which provides deep access to affected machines and has been spotted infecting computers.
The company is expected to fix the bug in its next security update, Desktop OS X 10.10.5.
However, the initial beta of the updated OS did not provide fixes for the bug, which ignited speculation that the company will not fix it until the autumn, when its next OS, El Capitan, is expected to be released.
Mac OS X 10.10.4 has partially patched a second bug, ‘Thunderstrike 2’, which allows hackers to use a malicious webpage to overwrite a computer’s firmware.
Thunderstrike 2 can create a worm that can spread from one system to the other without human intervention.
On the TidBITS news site, Mac security expert Rich Mogull said: "In this case, an infected computer will infect something known as the option ROM on any vulnerable Thunderbolt device that’s attached. Then that device can infect any computer it’s connected to, and so on.
"Yes, it’s a worm, and that’s the most interesting part of the research.
"But especially with the new patch in place, and the generally limited use of Thunderbolt, it would be hard for even a malicious version of this attack to spread very far."
Apple has taken steps to prevent further exploitation of the vulnerability by revoking the credentials of developers who use it, reported The Guardian.
This article is from the CBROnline archive: some formatting and images may not be present.