Controversial Mac Security Program Hit By ‘Critical’ Flaw

A “critical” vulnerability in the controversial Mac security program MacKeeper could allow attackers to take over a system if the user visits a specially crafted web page.

MacKeeper said it has issued a new version of the application that fixes the issue, version 3.4.1, and urged users to update. The program is set by default to automatically download new releases.

Public exploit

Security researchers noted that a proof-of-concept and exploit code are publicly available, meaning the issue poses an immediate danger to millions of MacKeeper users.

The vulnerability exists in the way MacKeeper handles customised web addresses, according to the company. MacKeeper registers with Mac OS X to handle its own customised URL scheme, so that the program launches whenever those URLs are run in a browser. However, the vulnerable versions don’t properly validate the input from such addresses, according to an advisory from security firm SecureMac.

As a result, a URL can be crafted to run arbitrary commands with the same privileges as MacKeeper, that is, with administrator privileges, researchers said.

If MacKeeper has already asked for the user’s password during the program’s normal operations, the command will be run without user interaction. Otherwise, MacKeeper will ask for the user’s password, but the dialogue box’s text can be manipulated so that the user might not know what they are authorising, MacKeeper said.

Many could be affected

SecureMac noted that the vulnerability “could affect an extremely large number of users”, since MacKeeper said recently it has surpassed 20 million downloads worldwide.

The researcher who discovered the flaw, Braden Thomas, released a proof-of-concept exploit via Twitter, including a link to the source code for the exploit, meaning that the issue would be easily exploitable by hackers. The proof-of-concept runs a command that removes MacKeeper from the system.

“There are no known cases of any security breach and the fix was created within hours of being notified,” MacKeeper said in its advisory.

MacKeeper, created by Ukrainian developer Slava Kolomiychuk, was sued in 2014 for allegedly telling users that nonexistent problems were found on their systems in order to coerce them into buying the program. The lawsuit is close to a settlement that would see MacKeeper pay $2m in refunds, without admitting fault.

Matthew Broersma

Matt Broersma is a long-standing tech freelancer who has worked for Ziff-Davis, ZDNet and other leading publications.
