Project Zero switches targets

Posted by: David Harley | January 23, 2015

Project Zero switches targets

Having made public three Windows issues (as reported by Arstechnica), Google turns its guns on Apple with three OS X issues. Specifically:

OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice
OS X networkd “effective_audit_token” XPC type confusion sandbox escape (with exploit)
OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator

Don’t panic, though: an attacker would have to have direct access to the system to take advantage of the breaches. What’s more, the second issue may already have been addressed in Yosemite. (Unconfirmed.)

This article also refers.

David Harley
Small Blue-Green World

Posted in David Harley | Tags: exploit, Google, Team Zero, vulnerability

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

M	T	W	T	F	S	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Mac Virus