Apple OS X at Risk From DLL Hijacking Exploit
A Synack researcher alleges that Dynamic Link Libraries (DLLs) can be used to bypass Apple's Gatekeeper and other security products.
Apple's OS X operating system has multiple layers of security to protect users against potentially malicious applications, but according to Patrick Wardle, director of research at Synack, Dynamic Link Library (DLL) hijacking can be used to bypass those protections, potentially putting users at risk. Wardle is set to formally detail his research at a presentation at the CanSecWest security conference in Vancouver, British Columbia, on March 18. Apple did not respond to a request for comment from eWEEK about Wardle's research.
"I submitted the initial bug to Apple via their suggested bug reporting channel, https://bugreport.apple.com, on Jan. 15, 2015," Wardle told eWEEK. "In this report, I also informed them I'd be speaking about this at CanSecWest."
Wardle said he didn't get an initial response back from Apple, so he resubmitted his findings on Feb. 7 and got an automated response on Feb. 9 acknowledging the submission. On Feb. 10, Wardle emailed Apple back, thanking the company for its automated response and reiterating that he would be talking about the DLL hijacking issue at the CanSecWest conference. On Feb. 13, Apple emailed Wardle back, thanking him for his previous email. Wardle noted that the Feb. 13 email was the first time he received a non-automated response from Apple.
"They [Apple] also emailed me at the end of February, stating they would be willing to provide feedback on my slides," Wardle said. "At no point did they ask for more technical details or provide any indication that they would be patching/fixing this issue."