Jump to content

Recommended Posts

Posted

This is another Google Project Zero discovery whereby Apple was privately informed of the vulnerability on October 20 last year, but has failed to address the issue.

In keeping with its policy, Google made the vulnerability which allows a local user to bypass the sandbox public. Details here: http://www.securitytracker.com/id/1031624

Two other vulnerabilities for which no fix is yet available either are these:

  1. Apple OS X Memory Corruption Flaw in IOKit IOBluetoothDevice Lets Local Users Gain Elevated Privileges
  2. Apple OS X Null Pointer Dereference in IOKit IntelAccelerator Lets Local Users Gain Elevated Privileges
Posted

Maybe should be in the Apple thread?

I didn't know there was one.

Look at the top of the Internet, computers, etc. page and you'll see the Apple forum.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...