Apple has confirmed to iMore that they're working on a fix for Rootpipe, an OS X exploit that's gotten a lot of attention recently. Rootpipe doesn't seem much different than other security bugs that are routinely discovered, disclosed, and dealt with during the normal course of Mac updates. So, what's going on?
Rootpipe is a privilege escalation bug that can allow someone to gain 'root' access to your Mac. In other words, it can give them almost unlimited power over everything and anything on the computer.
The catch is, the Rootpipe exploit has to be executed on your Mac using an account with administrator (admin) privileges. An admin account is common enough — many people only have a single account on their Mac and do run as admin. Being able to execute the exploit is more challenging — an attacker would either have to have physical access to your Mac, or have previously gained remote access through some other method, such as malicious user-installed software, or a remotely exploitable vulnerability. And, with or without Rootpipe, if an attacker has gained remote access to your Mac, you already have problems.
Rootpipe is a legitimate security vulnerability and Apple is already working to fix it. That said, we have yet to see an exploit in the wild or any other indication that average users have any reason to worry. While the media may have worked themselves into a frenzy over Rootpipe — and WireLurker — it's important to remember the current hype once again seems highly disproportionate to the actual danger posed to Mac users at this time.
Nick Arnott contributed to this article.