The ARDAgent security hole: What you need to know

If you’ve been reading the Mac news the last week or so, it’s been pretty chock full of information on exploits and malware affecting OS X. First there was Intego’s security alert concerning what the security software maker calls the “ARDAgent root privilege escalation.” To summarize the security exposure that Intego reported (this particular exploit was actually posted a day earlier in this Slashdot story), it’s a pretty bad one. Anyone running OS X 10.4 or 10.5 has a program on their machine named ARDAgent; you’ll find it in your top-level System -> Library -> CoreServices -> RemoteManagement folder. ARDAgent is a faceless (no dock icon, no windows) helper application for Apple Remote Desktop. Used in a lab setting, ARDAgent is very useful for people who use Apple Remote Desktop to manage a large number of Macs; it can run programs on behalf of the remote administrator, for instance.

In order to do what it does, though, ARDAgent runs as a root process, much like any other low-level system function such as printing. In and of itself, that’s not a bad thing. However, ARDAgent can also be used to launch shell scripts via a bit of Terminal-capable AppleScript code. This is where the danger comes in, because any shell script that ARDAgent launches will also be run as root, without any need for the user to enter their administrative password. This is potentially a very dangerous situation, as it means an attacker could use ARDAgent to run their “evil code” without the system ever prompting the user for a password. (If you’re curious about what Apple might be able to do about such security issues in the future, security researcher Dino Dai Zovi has written about some things that can be done in the next major OS X update.)

For years, we’ve been taught that if a program doesn’t ask for our administrative passwords, the damage it could do was limited—still bad, in that it could easily erase your entire user’s folder, but someone couldn’t, for instance, take over your machine without your knowledge. However, until Apple patches this particular hole, that’s no longer true. Now any program can execute code that has the ability to do whatever it likes to your system—and can do so without your permission. Since this code runs as root, it can install things in places you can’t easily see, and disguise the fact that those things are running, making them very hard to find and remove.

Since the news of this security hole was revealed, there have been multiple reports of programs that take advantage of it to do evil things. Some of these programs are examples of trojan horse malware—programs that appear to be one thing, but are actually just covering for the real (usually malicious) purpose of the code. In one example, the evil code installs a key logger (a program that records all your keystrokes), sets up a remote access server ready to accept inbound connections (so the hackers can connect to your machine and control it), and even gives your machine a domain name so that the hackers can more easily find it on the net. This is obviously really bad stuff, and with hackers having the ability to execute any program as root without user approval, only their imagination limits what they can do.

What you can do

So that’s the bad news. There are some glimmers of good news in the gloom, though. First, it’s relatively easy to protect yourself from this security hole. The major security product vendors have updated (or will soon update) their code to patch this particular hole (and any known malware that takes advantage of it), so if you use such a product, make sure you update your virus definitions.

If you don’t use an anti-virus program, there’s a relatively simple method to temporarily plug this hole all on your own. (But please have a current backup before proceeding). Navigate to /System -> Library -> CoreServices -> RemoteManagement, and Control-click on ARDAgent. In the contextual menu that appears, select Compress ARDAgent (in 10.5; in 10.4, I believe it will say Create Archive of ARDAgent). This will create a zip file of ARDAgent on your Desktop (as you don’t have rights to modify the original folder).

Next, drag ARDAgent to the trash can, provide your admin password when asked, then empty the trash. Finally, drag the zipped version of ARDAgent into the RemoteManagement folder, again providing your password when asked. (This last bit is optional; you can keep the file wherever you like, but I find it easier to store it where I know it belongs.)

When Apple releases a security update to patch this hole, expand the zip archive before running Software Update—so that Software Update will find the full application to patch. Note that this solution will prevent anyone from using Apple Remote Desktop to control your Mac. If you’re in such an environment where someone needs access to Apple Remote Desktop—say, in a business or in a school—you’ll need to speak to your administrators about their preferred solution to this problem.

User interaction required

The other glimmer of good news is that to take advantage of the ARDAgent exploit, some interaction from the user is still required: you must install and run a program that’s been designed to take advantage of the hole. Your machine cannot be compromised simply by surfing to Web sites (as happened to my Windows virtual machine more than a year ago). Your Mac cannot be compromised merely by reading e-mail. Nor can it be compromised by downloading (from e-mail or the Web) a program, even a malicious program designed to take advantage of the hole. In order for your machine to be compromised, you must actually run a malicious program.

In other words, this security hole is not something that can be attacked by a virus that automatically spreads from one machine to another, either via e-mail or by working its way through the local network. You, as a user, must run a malicious program for your machine to be compromised. So how do you protect yourself? By never running programs from untrusted sources—the same advice that’s been valid since Day One of computing is still valid now.

Even without this particular security hole, you’re always taking a big risk when you run software from untrusted sources. Sure, (assuming a program isn’t using this new exploit) if a program doesn’t ask for your password, the damage it can do is limited… but would you really want everything in your user’s home folder erased? That’s something any program could easily do, without ever asking for your password or exploiting a security hole.

Avoiding the problem

So how do you avoid untrusted sources? First and foremost, stay away from programs that are distributed via peer-to-peer networks. There’s no way to tell what you’ll be getting, and at least some of the malware that exploits this newest security hole has been making the rounds on the peer-to-peer networks. Download programs only from known and trusted sites such as MacUpdate and VersionTracker. Even when using such trusted sites, though, it often pays to wait to download until you can read comments from other users—there are lots of people out there who seem willing to play guinea pig, so there’s no reason you need to take on that role as well. If you’re downloading something for which there’s minimal feedback, use a Web search engine and search for the program’s name to get a sense of what the Internet in general thinks of the program. Finally, the best way to protect yourself is to make sure you’ve always got a current backup—and preferably, more than one. That way, if something does go wrong, you won’t lose any data, just time.

In summary, the ARDAgent security hole is a bad one, but the good news is that in order to be compromised, action on your part is still required. If you zip and remove ARDAgent and only download software from trusted sources, the odds are very low that you will be affected by this security hole. I expect Apple will have some sort of patch relatively quickly, but even after this one is patched, you should always practice “safe downloading” to minimize your exposure to other not-yet-known security holes.