A new exploit gives hackers near-total control of any Mac
A newly discovered zero-day vulnerability for OS X allows hackers to execute code previously thought to be protected by Apples new kernel defense, known as System Identity Protection (SIP).
“Our researchers recently uncovered a major flaw which allows for local privilege escalation and bypass of System Integrity Protection, Apple’s newest protection feature,” said SentinelOne in a blog post announcing the discovery.
SIP was a feature first introduced in El Capitan. It prevents users from changing system files through a “rootless” system that keeps even administrator accounts from accessing specific files without first disabling SIP.