New Security Vulnerability Affects Current Mac OS Users
Not long ago, a critical flaw in Linux SUDO was discovered and is being tracked as CVE-2021-3156.
Given the nickname “Baron Samedit,” it’s a flaw in a Unix program that allows system admins to provide root-level privileges to any users listed in the “sudoers” file.
More disturbing, however, is the fact that just over a week from the time this piece was written, researchers stumbled across the fact that the Sudo privilege escalation also impacts the latest version of macOS, Big Sur 11.2.
Linux developers have already moved to patch the issue in various Linux distros, including Debian, Fedora, and Ubuntu, which are three of the most popular. However, there is currently no fix yet for macOS, and no ETA for when one will be released. Apple has proven to be quite responsive in the face of issues like these, however, so the smart money says it won’t belong.
Security researcher Matthew Hickey put together a simple proof of concept that shows how the exploit works which is standard practice in situations like these, but it does mean that the clock is ticking. Even if the exploit wasn’t being actively used by hackers before, with a step-by-step blueprint in hand, you can bet that it’s just a matter of time.
Matthew Hickey points out that it’s not possible for Mac users to take matters into their own hands and attempt to upgrade SUDO manually because Apple’s System Integrity Protection system prevents this. IBM notes that there is not yet a patch for the AIX Unix distribution at this time, which is one of the few builds, other than macOS that are not yet protected against this flaw. So if you use either of those, be aware that you are facing a period of vulnerability and watch for the fix, which should be released soon.