Rootpipe, a "privilege escalation" vulnerability Apple patched in OS X 10.10.3, turns out to have a wider target area than original thought.
A "privilege escalation" vulnerability means that if someone already has malicious code on your Mac, they can use something like Rootpipe to gain deeper access. Think of it like this ? if a criminal has already broken into your house, they can use a pipe to break open a locked cupboard. While the analogy starts to break down at this point, Apple thought they made the cupboard pipe-proof in OS X 10.10.3 but, after analyzing the new locks, a security specialist found another angle to attack it from.
Full story from the iMore Blog...