At the end of last year we discussed the OS X Yosemite security flaw published by the Swedish security company TruSec and that crawls into the system since OS X version 10.8.5. Now a news related to this security flaw appears again and it seems that Apple did not solve it with the patch released according to account former NSA worker Patrick Wardle.
It seems that Apple plugged part of the security hole, but left a possibility to bypass this protection and this is what Wardle has achieved, allowing third parties access to our information whenever physical access is made to the machine. Rootpipe can only be executed if the 'hacker' physically accesses our Mac, something that greatly limits the possibility of being attacked.
Apple, on the other hand, is sure that it is working on the bug since it is informed from the first moment the bug was found and it may end up closing in future versions of OS X, but for the moment in the version OS X 10.10.3 Yosemite this security bug still exists.
To explain what this vulnerability is about, we will say that it allows root access to third parties on our Mac without having to enter the owner's unlock code. This bug may not be fixed in earlier versions of OS X 10.10.3 therefore it is always recommended to update to the latest versions of the operating system.