In its next security update, Apple will be releasing a patch for the recent desktop operating system vulnerabilities.
The main priority for organisation is aiming for the “serious privilege escalation” bug patch to be released first, as soon as possible for its systems.
It is expected to be launched in the next security update, Mac OS x 10.10.5, after customers grow increasingly concerned about their security. The bug allows a program to run as an administrator without asking for the user to input their password.
The second glitch named ‘Thunderstrike 2’ allows hackers to overwrite a computer’s firmware using a malicious webpage. This particular bug has already been partially patched in its recent Mac OS x 10.10.4 update.
The most worrying part of the Thunderstrike 2 vulnerability is that it allows attackers to create a worm that can spread from computer to computer, with no human intervention required. However, some experts have questioned the plausibility of this statement.
Rich Mogull, a Mac security expert has expressed his opinion on Thunderstrike 2, stating that:
“Yes, it’s a worm, and that’s the most interesting part of the research. But especially with the new patch in place, and the generally limited use of Thunderbolt, it would be hard for even a malicious version of this attack to spread very far. Nearly everyone can ignore Thunderstrike 2 entirely”
The reports of these vulnerabilities have already led to concerns that the company is losing its emphasised secure status over competition.