So, the guy's obviously a complete a-hole, so no slack there for him. He's a d*ck for releasing this without responsible disclosure.
But he does make a valid point that Apple has gotten into a really terrible habit of not back-porting fixes to previous OSes. I realize that back-porting takes some definite work on the part of developers, but in my view, it is just as irresponsible of Apple to only look to fix something this serious in an OS release that is several months away still.
As usual, the whole Mac community will be more or less forced to upgrade to El Capitan if they want to keep their Mac secure from these kinds of exploits. I really wish Apple would actually put some of those billions of dollars they make every quarter to do the necessary work of fixing this in the current shipping version of their OS. It's hard to continue to trust that Apple has its users' best interests in mind when they continue to NOT do the right thing, and keep looking to cut corners all the time!
Apple needs to take a page from Microsoft in regards to how they support their OSes. I'm not arguing for backwards compatibility, but they should at least provide a Support Lifecycle for their products that makes it clear what can be expected in terms of updates with their products. And if they find a security issue then they should fix it across all supported products at that point in time.
@bpavlov Yes, exactly. InfoSec is always asking me: is this supported, is this not supported, why did this fix get put in? Does Apple support these OSs or not? I'm like, well, it's n-2....ish. ish. ish. Though they did eventually back port the fix for CVE-2015-1130, there needs to be a bit more consistency in their support model. Especially if they want to continue this facade of being enterprise friendly.
Yes of course we want Apple to back port, especially considering they haven't end of lifed previous OS versions. However, as the guy has admitted himself, he doesn't even know if Apple fixed it intentionally in 10.11 or if it became fixed by accident, so his argument that Apple should have back ported already is ridiculous.
He needs to learn from the professionalism and maturity that someone like Emil Kvarnhammar showed with rootpipe.
Zero day threats are severe and this is only a zero day threat due to his own arrogant naivety.
Strangely enough, he hasn't announced it until he came up with a fix. I guess this is some poor attempt to get people to recognise them and get their code used.
You'll get no argument from me that he's acting like a child in this situation. It does seem like he's on some kind of vendetta to trash Apple wherever possible. I get rather annoyed at these so-called "security researchers" like him that give all the other legit researchers a bad name by acting like this. No matter how he feels about the company, he is putting millions of users' information at risk, and that's really low.
And yeah, I suppose it's possible this got fixed by accident by way of other changes Apple made in 10.11, but unfortunately we may never even know for sure since Apple probably won't admit anything one way or another.
Regardless, it sure would be nice to see Apple post a fix for this at some point for Yosemite. It used to be that I could confidently tell folks here that fixes would make it into the current shipping OS at a minimum but past OSes were not a guarantee.
Of course, if Apple doesn't even admit this vulnerability exists until they release 10.11, then they can get away with saying it's fixed in the 'current release'.
So some good news at least. On a normal image, the script might not be as effective. It requires gcc to compile the code it writes. I just tested three machines from fresh OS builds, and since Xcode isn't installed on them, gcc isn't either. When the user attempts to run the script, it tries to get gcc, which the user can't get since it's blocked by proxy and they don't have admin rights.
But still one to keep an eye on.