Originally shared by Martin Gustafsson
Still waiting for the details to be released on what #rootpipe exploits but it is a privilege escalation bypass of some sort.
If this privilege escalation bypass is combined with a zero day remote execute exploit of Safari (or other major browser on the platform) in combination with a hacked major website we could see something VERY bad happening.
All MacOS X users (10.8 and up), create a separate administrative account and remove your daily usage account(s) from the admin group!
For some reason this only seems to be headlining the news on tech sites here in Sweden so this needs to be spread around! FYI for anyone claiming the reliability of the source, TrueSec is a highly respected and competent Swedish company.
If this involves sudo, other n*x-flavours could be affected as well.