A newly discovered flaw in macOS could allow anyone or anything with access to a general user account to take control of a computer.
The flaw is not entirely new. It was first revealed last week as a vulnerability in the command "sudo," which is present in almost all Unix-like operating systems, including Linux and macOS.
Yesterday (February 2), security researchers demonstrated that the flaw actually works in macOS, including the latest version of Big Sur, released on Monday (February 1).
The sudo flaw, dubbed "Baron Samedit" by its discoverers, grants common user accounts privileges that they should not have. Anyone, or any malware, with access to a Mac, whether in person or over a network, can use Baron Samedit to take over the machine.
Sudo stands for "superuser do" and is usually used by users who already have administrative privileges to gain temporary "root" or "superuser" privileges in order to make changes to the operating system. The administrator user is prompted for a password after invoking the sudo command.
In theory, the Baron Samedit flaw can only be exploited by someone who already has an account on a Mac, Linux, or other Unix-derived machine.
In practice, however, it can be used by remote attackers who steal or crack user passwords over networks, including the Internet. It can also be used by malware that infects ordinary user accounts. You can read more about the Baron Samedit flaw and the resulting exploit mechanism here and here.
The Baron Samedit flaw had already been patched by several major Linux distributions, including Debian, Red Hat, and Ubuntu, before the vulnerability was announced on January 26.
Apple did not join them, probably because Apple developers were not aware that macOS might be affected. In fact, there are obstacles that prevent the exploit from functioning as is on macOS. However, Matthew Hickey, CEO and co-founder of information security consulting firm Hacker House, showed yesterday on Twitter that a couple of simple command line entries remove that obstacle and allow the Baron Samedit exploit to work on macOS.
Hickey called it "one of the most devastating and pervasive LPEs [local privilege elevations] in modern UNIX/Linux history."
Will Dormann of the Computer Emergency Response Team Coordination Center (CERT/CC), a research facility at Carnegie Mellon University in Pittsburgh that is funded by the US Department of Defense, confirmed Hickey's findings shortly afterward.
It was well-known Mac hacker Patrick Wardle who confirmed that macOS Big Sur 11.2 was vulnerable.
Hickey's discovery was quickly turned into proof-of-concept code and uploaded to Pastebin for all to see.
So what can we do to protect ourselves from this problem? According to Hickey, this flaw cannot be fixed, even by users with administrative privileges who use sudo properly.
We will have to wait until Apple fixes this in Big Sur and in updates for the two previous versions of macOS, 10.15 Catalina and 10.14 Mojave. It is possible that the patch will also be applied to earlier versions that are no longer officially supported, as Apple has done in the past when fixing very serious bugs.
In the meantime, you should install and use the best Mac antivirus software and keep it running until the patch arrives. Antivirus software won't stop someone from sitting down at your machine and logging in, but there are hopefully other ways to stop that.
Also, stick to the official Mac App Store when installing new programs until Apple fixes this flaw.
Tom's Guide has reached out to Apple for comment on this issue and will update this article as soon as we hear back.