“The first exploit managed to escape the sandbox, a protection macOS uses to ensure that apps only have access to their own data, and any system data permitted by Apple,” Lovejoy writes. “The second got rather further, gaining both root and kernel access to the Mac.”
“The event was hosted by Trend Micro under the branding of its Zero Day Initiative (ZDI). The program was created to encourage hackers to privately report vulnerabilities to the companies concerned rather than sell them to bad actors. ZDI does this by offering financial rewards and kudos,” Lovejoy writes. “As per its usual practice, ZDI will not release detailed information on the exploits until Apple has confirmed that it has fixed them in a macOS update.”
Read more in the full article here.
blockquote>MacDailyNews Take: </strongKudos to Trend Micro and its Zero Day Initiative for heloping to make Apple’s platforms even more sercure!