sentinelone
Latest
Recently patched security flaw bypassed OS X's new defenses
Theoretically, the System Integrity Protection introduced in OS X El Capitan makes it very hard to completely compromise a Mac. The feature prevents software from modifying protected files even if you have root access, preventing most software-based attacks from working. However, it's now clear that even this safeguard isn't airtight. SentinelOne's Pedro Vilaça has discovered a security flaw that -- combined with access gained via another method, like a phishing attack or browser vulnerability -- lets you run any code you like on a Mac, even with SIP in effect. The vulnerability takes advantage of a corruption bug in OS X to give a program full control over your system; since certain programs need full privileges for OS X to work (you couldn't update your system otherwise), the intruder just has to target the right file to hijack your computer.
