Apple's OS X contains unfixed security flaws,Google's Project Zero team finds

Contrary to most beliefs, Apple's OS X operating system seems to be carrying three vulnerabilities that are yet to be addressed.

As per details released by Google's Project Zero research team, the three vulnerabilities are listed as under: "OS X networkd "effective_audit_token" XPC type confusion sandbox escape"

"OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator."

"OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice."

The Project Zero team revealed that each of these exploits were reported to Apple in October but have not been fixed yet. The details have been published 90 days after the discovery and reporting of the vulnerabilities.

The lapses are weak enough to enable a hacker to elevate privilege levels and take over Mac computer with Apple's OS X operating system.

Apple maintains its positions of not discussing security issues in public until either a full investigation is completed or necessary patches or releases are available. However, since these reports are alarming enough, it's apparent that Apple's researchers are at work to resolve this.

We would expect Apple to release a statement sooner rather than later regarding the fixes.

Since it's inception in mid-2014, Google's Project Zero aims at uncovering software flaws that compromise the users' privacy. Recently, it had uncovered three unpatched security flaws in Microsoft Windows OS as well.

Written by Mobile Choice
Mobile Choice

Leave a Comment