“In the past two days, Project Zero has disclosed [three] OS X vulnerabilities,” Goodin reports. “At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine.”
‘Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs,” Goodin reports. “And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities.”
Read more in the full article here.