
Controversial Mac Security Program Hit By ‘Critical’ Flaw

A “critical” vulnerability in the controversial Mac security program MacKeeper could allow attackers to take over a system if the user visits a specially crafted web page.

MacKeeper said it has issued a new version of the application that fixes the issue, version 3.4.1, and urged users to update. The program is set by default to automatically download new releases.

Public exploit

Security researchers noted that a proof-of-concept and exploit code are publicly available, meaning the issue poses an immediate danger to millions of MacKeeper users.

The vulnerability exists in the way MacKeeper handles customised web addresses, according to the company. MacKeeper registers with Mac OS X as the handler for its own customised URL scheme, so that the program launches whenever such a URL is opened in a browser. However, the vulnerable versions don’t properly validate the input carried in those addresses, according to an advisory from security firm SecureMac.

As a result, such a URL can be crafted to run arbitrary commands with the same privileges as MacKeeper, that is, with administrator privileges, researchers said.

If MacKeeper has already asked for the user’s password during the program’s normal operations, the command will be run without user interaction. Otherwise, MacKeeper will ask for the user’s password, but the dialogue box’s text can be manipulated so that the user might not know what they are authorising, MacKeeper said.
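As an added illustration (not MacKeeper’s code, nor anything from SecureMac’s advisory), the handler below shows the kind of input validation the advisory says the vulnerable versions lacked: a custom-scheme URL is parsed, only allowlisted actions and strictly checked parameters are accepted, and nothing from the URL is ever passed to a shell. The scheme name, action names and parameters are constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed placeholder scheme; the real app's scheme is not named in the article.
SCHEME = "exampleapp"

# Each action maps to the exact set of parameters it accepts. Anything else is rejected.
ALLOWED_ACTIONS = {
    "open_report": {"report_id"},
    "show_settings": set(),
}

# Parameter values must be short identifiers: no spaces, quotes or shell metacharacters.
VALUE_RE = re.compile(r"^[A-Za-z0-9_-]{1,32}$")


class BadUrl(ValueError):
    """Raised for any URL that does not match the expected shape exactly."""


def parse_action(url: str):
    """Return (action, params) for a well-formed URL, or raise BadUrl."""
    parts = urlsplit(url)
    if parts.scheme != SCHEME:
        raise BadUrl("unexpected scheme")
    # For scheme://action?... the action lands in netloc; tolerate scheme:/action too.
    action = parts.netloc or parts.path.strip("/")
    if action not in ALLOWED_ACTIONS:
        raise BadUrl(f"unknown action {action!r}")
    params = {}
    for key, values in parse_qs(parts.query, keep_blank_values=True).items():
        if key not in ALLOWED_ACTIONS[action]:
            raise BadUrl(f"unexpected parameter {key!r}")
        if len(values) != 1 or not VALUE_RE.match(values[0]):
            raise BadUrl(f"invalid value for {key!r}")
        params[key] = values[0]
    missing = ALLOWED_ACTIONS[action] - params.keys()
    if missing:
        raise BadUrl(f"missing parameters {sorted(missing)}")
    return action, params


def handle_url(url: str) -> str:
    """Dispatch to fixed code paths; URL data is used as arguments, never as command text."""
    action, params = parse_action(url)
    if action == "open_report":
        return f"opened report {params['report_id']}"
    return "settings shown"


def is_accepted(url: str) -> bool:
    """True if the handler would act on the URL, False if it is rejected."""
    try:
        handle_url(url)
    except BadUrl:
        return False
    return True
```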

Many could be affected

SecureMac noted that the vulnerability “could affect an extremely large number of users”, since MacKeeper said recently it has surpassed 20 million downloads worldwide.

The researcher who discovered the flaw, Braden Thomas, released a proof-of-concept exploit via Twitter, including a link to the source code for the exploit, meaning that the issue would be easily exploitable by hackers. The proof-of-concept runs a command that removes MacKeeper from the system.

“There are no known cases of any security breach and the fix was created within hours of being notified,” MacKeeper said in its advisory.

MacKeeper, created by Ukrainian developer Slava Kolomiychuk, was sued in 2014 for allegedly telling users that nonexistent problems were found on their systems in order to coerce them into buying the program. The lawsuit is close to a settlement that would see MacKeeper pay $2m in refunds, without admitting fault.


Matthew Broersma

Matt Broersma is a long-standing tech freelancer who has worked for Ziff-Davis, ZDNet and other leading publications.
