MacKeeper Patches Remote Code Execution Vulnerability - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner

Breaking

MacKeeper Patches Remote Code Execution Vulnerability

MacKeeper is well known antivirus software for Mac OS X is designed to improve Mac performance and security, but it is infamous for its noisy "clean up your Mac" pop-under ads that stress the need for a system cleanup.

A vulnerability has been discovered in MacKeeper, a utility program for OS X. MacKeeper was originally created by Ukrainian company ZeoBIT and is now distributed by Kromtech Alliance Corp. 

A flaw exists in MacKeeper's URL handler implementation that allows arbitrary remote code execution when a user visits a specially crafted webpage.

Security researcher Braden Thomas has discovered a serious flaw in the way MacKeeper handles custom URLs that allows arbitrary commands to be run as root with little to no user interaction required. 

Mr. Thomas released a proof-of-concept demonstrating how visiting a specially crafted webpage in Safari causes the affected system to execute arbitrary commands in this case, to uninstall MacKeeper. 

This flaw appears to be caused by a lack of input validation by MacKeeper when executing commands using its custom URL scheme.

Apple allows OS X and iOS apps to define custom URL schemes and register them with the operating system so that other programs know which app should handle the custom URL scheme. Normally, this is used to define a custom communication protocol for sending data or performing a specific action.

MacKeeper said "Critical vulnerability has been identified within MacKeeper when executing commands using its custom URL scheme. MacKeeper has released a new version of the service that addresses this vulnerability.
Mitigation Strategy for Customers:

Starting from May 8, 2015, 4pm ET, run MacKeeper Update Tracker and install the latest version of the application, version 3.4.1 or later. 

Steps to update:

MacKeeper Update Tracker automatically checks for a later version whenever the application is run.  Click OK when prompted that new version is available.

MacKeeper would like to thank Braden Thomas and SecureMac for reporting these issues."




Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter