
Rootpipe exploit

"And now we also know that the bug has been discovered by what seems to be a Chinese APT actor and was already exploited in the wild (although only affecting < 10.8)."

The link I want to post for this doesn't work because the Sophos nanny insists on bleeping out "bs." So find it from this--"How to fix rootpipe...." It appears in comments in that article.

https://reverse.put.as/?s=rootpipe

Question: Any kind of protection from this from Sophos? Will Sophos be able to identify any files that contain such a payload?

This thread was automatically locked due to age.
  • Since there have been no replies, perhaps the point of my posting this wasn't clear. Maybe not immediately, but will Sophos try to establish a signature for the kind of privilege escalation payload that an attack by way of rootpipe would employ? In other words, will Sophos offer any protection against rootpipe, either locally or through some remote means?
