Parallels Desktop Vulnerability: Unpatched Exploits Give Hackers Root Access on Macs!

Unpatched Parallels Desktop vulnerability grants users root access on Macs. Security researcher Mickey Jin reveals exploits bypassing Parallels’ flawed fixes, urging users to stay alert. The vulnerability, first found in May 2024, remains unaddressed despite disclosures. So, users can now enjoy root-level chaos along with their virtual machines!

3P
Published: February 24, 2025 3:51 pmAdded: February 24, 2025 at 8:11 amAssembled by: The Editor

Hot Take:

Parallels Desktop users, your Mac might be running Windows, but it seems your security updates are running on dial-up. With exploits bypassing patches like they’re VIPs at a club, it’s time to question whether your virtual windows are more like open doors for hackers. Maybe it’s time to stop paralleling the procrastination and start paralleling some action!

Key Points:

  • Two new exploits for Parallels Desktop’s unpatched vulnerability have been publicly disclosed.
  • These exploits allow users to gain root access on affected Mac devices.
  • Researcher Mickey Jin revealed the exploits after the vendor allegedly ignored the vulnerability for over seven months.
  • The exploits involve a TOCTOU attack and an arbitrary root file overwrite vulnerability.
  • All known versions of Parallels Desktop are still vulnerable to these exploits.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?