HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
As at least one poor soul found out the hard way, there's a very good reason that Apple's latest OS X, El Capitan, doesn't let you use an emoji in your login password.
Apple doesn't have the same rule with OS X Yosemite. A user on Stack Exchange's Ask Different forum explained that he had used an emoji in his password on Yosemite — and then wasn't able to log in to his account. He originally posted about it back in August, but it's a PSA worth repeating.
Just days after patching the DYLD_PRINT_TO_FILE vulnerability with a new OS X point release, Apple's desktop operating system has been hit with yet another zero-day exploit that would allow an attacker to gain root access without using a password.
The exploit was discovered by Italian developer Luca Todesco, who relies on a combination of attacks — including a null pointer dereference in OS X's IOKit — to drop a proof-of-concept payload into a root shell. It affects every version of OS X Yosemite, but seems to have been mitigated in OS X El Capitan, which is nearing release.
Hackers are exploiting a serious zero-day vulnerability in the latest version of Apple's OS X so they can perform drive-by attacks that install malware without requiring victims to enter system passwords, researchers said.
Apple on Thursday released a second beta build of its upcoming OS X 10.10.5 Yosemite update to developers for testing, including what appears to be only minor tweaks and bug fixes.
The latest beta, build 14F19a, comes a little over two weeks after the first beta version was pushed out to developers and users signed up for Apple's public beta program.
Like the first beta, today's build brings minor tweaks and bug fixes aimed at improving system stability, app compatibility and security.