Summary: A security vulnerability in Parallels Desktop allows attackers to gain root access on Mac devices due to a failure in code signature verification. Security researcher Mickey Jin publicly disclosed two exploits following the vendorโs inability to address the flaw for over seven months. Users are urged to take proactive measures as the vulnerability remains unpatched across all known versions of the software.
Affected: Parallels Desktop for Mac
Keypoints :
- Two exploits have been demonstrated that bypassed the vendorโs previous security fixes.
- The vulnerability stems from a flaw in code signature verification, allowing unauthorized code to be executed with root privileges.
- Despite attempts to inform Parallels, the vulnerability remains unfixed, affecting all versions of the software including the latest release.