Trusted Mac OS X firewall Little Snitch is vulnerable to local privilege escalation attacks that could give criminals the ability plant rootkits and keyloggers on some El Capitan systems.
The Little Snitch firewall vulnerability was found by Synack Director of Research and well-known OS X hacker Patrick Wardle. Affected are 3.x versions of the Little Snitch firewall software released prior to build 3.6.2 running on El Capitan. Wardle did not test versions of Little Snitch released prior to 3.x.
In January, Wardle discovered that the firewall software contained a local escalation of privileges (EoP) vulnerability that any local user (or malware) could exploit. The following month, Little Snitch’s developer Objective Development released the (3.6.2) version of the firewall that fixed the problem.
“This is a serious flaw and an important software update that Little Snitch users could have easily missed,” Wardle told Threatpost.