Xircal Posted January 24, 2015 Share Posted January 24, 2015 This is another Google Project Zero discovery whereby Apple was privately informed of the vulnerability on October 20 last year, but has failed to address the issue. In keeping with its policy, Google made the vulnerability which allows a local user to bypass the sandbox public. Details here: http://www.securitytracker.com/id/1031624 Two other vulnerabilities for which no fix is yet available either are these: Apple OS X Memory Corruption Flaw in IOKit IOBluetoothDevice Lets Local Users Gain Elevated Privileges Apple OS X Null Pointer Dereference in IOKit IntelAccelerator Lets Local Users Gain Elevated Privileges Link to comment Share on other sites More sharing options...
Chicog Posted January 24, 2015 Share Posted January 24, 2015 Maybe should be in the Apple thread? Link to comment Share on other sites More sharing options...
Xircal Posted January 25, 2015 Author Share Posted January 25, 2015 Maybe should be in the Apple thread? I didn't know there was one. Link to comment Share on other sites More sharing options...
Chicog Posted January 25, 2015 Share Posted January 25, 2015 Maybe should be in the Apple thread? I didn't know there was one. Look at the top of the Internet, computers, etc. page and you'll see the Apple forum. Link to comment Share on other sites More sharing options...
.png.3b3332cc2256ad0edbc2fe9404feeef0.png)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now