Several years ago, students at UMass Amherst discovered how to co-opt an automated software update mechanism to gain root access on a computer. The most significant security flaw involved a McAfee anti-virus product whereby an automatic, nightly update allowed the students to get root access on a Mac. Back then, the students wrote code manually.
Fast forward from 2006 to 2009. Now security researchers have reportedly created an automated tool to discover insecure software updates. There are likely a lot of vulnerable products out there, and it's not surprising that many small software houses forget to test whether the backdoor is kept locked: the software update.
Our original paper and video demonstration shows how to co-opt a software update mechanism built into an anti-virus product to gain root on a Mac. Fortunately, that particular bug has been reportedly patched. But what else remains unpatched?