Parallels Desktop: Security researcher publishes zero-day exploit

An apparently inadequately patched vulnerability in Parallels Desktop could allow a local attacker to gain root privileges on macOS and thus take control of the computer. A security researcher has now released the associated zero-day exploit for this vulnerability in two variants. He wants to raise awareness of the problem and urge that risks be "proactively minimized", emphasized security researcher Mickey Jin; after all, attackers could exploit the vulnerability "in the wild".


Parallels Desktop is software for virtualizing other operating systems on macOS, including Windows and Linux. The tool is aimed at private users and is also used in companies, for example to run particular Windows software in parallel on employees' Macs.

The exploits use a vulnerability that enables privilege escalation. This bug (CVE-2024-34331), reported last year, was fixed in Parallels Desktop with an update. However, the patch can be bypassed "really easily", writes Jin. At that time he immediately reported this to the Zero Day Initiative (ZDI) and to the manufacturer, Parallels. The latter confirmed receipt of his security-critical bug report, but then there was no further reaction. ZDI took more than a month and then apparently could not reproduce the first exploit because a new Parallels version had been released in the meantime.

According to Jin, the manufacturer has not responded to his inquiries since the end of July 2024, which is why he has now decided to publish.

The original vulnerability, discovered by another security researcher, apparently exploited a missing code-signature verification in Parallels Desktop to obtain root privileges. The patch first verifies that the command-line tool "createinstallmedia" is actually Apple-signed, explains the security researcher. Between the successful verification of the signature and the start of the tool, however, there is enough time to replace createinstallmedia with a malicious tool and thereby obtain root privileges.
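The gap between verification and launch described above is a time-of-check/time-of-use race. The following is an added example, not code from Parallels or from the researcher: it contrasts a check made by path with a check pinned to an open file descriptor. The SHA-256 allowlist is an assumed stand-in for code-signature verification, and all file names and contents are constructed.

```python
import hashlib
import os
import tempfile

def sha256_fd(fd):
    """Hash the file behind an open descriptor, starting at offset 0."""
    digest = hashlib.sha256()
    os.lseek(fd, 0, os.SEEK_SET)
    while chunk := os.read(fd, 65536):
        digest.update(chunk)
    return digest.hexdigest()

def racy_verify(path, trusted):
    """Check by path: the verdict only covers what the path named at check time."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest() == trusted

def open_verified(path, trusted):
    """Open once, verify that descriptor, and return the same descriptor for use."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    if sha256_fd(fd) != trusted:
        os.close(fd)
        raise PermissionError("digest mismatch")
    os.lseek(fd, 0, os.SEEK_SET)
    return fd

def demo():
    """Constructed scenario: the file at the path changes between check and use."""
    workdir = tempfile.mkdtemp()
    tool = os.path.join(workdir, "tool")          # hypothetical helper binary
    with open(tool, "wb") as f:
        f.write(b"trusted tool\n")
    trusted = hashlib.sha256(b"trusted tool\n").hexdigest()

    path_check_passed = racy_verify(tool, trusted)   # time of check (by path)
    fd = open_verified(tool, trusted)                 # check pinned to a descriptor

    # Simulated replacement of the path after both checks have passed.
    other = os.path.join(workdir, "other")
    with open(other, "wb") as f:
        f.write(b"replaced\n")
    os.replace(other, tool)

    with open(tool, "rb") as f:                       # time of use (by path)
        used_by_path = f.read()
    used_by_fd = os.read(fd, 64)                      # time of use (by descriptor)
    same_file = os.fstat(fd).st_ino == os.stat(tool).st_ino
    os.close(fd)
    return path_check_passed, used_by_path, used_by_fd, same_file
```

Pinning the descriptor only defeats replacement of the path; the verified file must also sit where an unprivileged user cannot modify it in place.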

