“Don’t look now, but Google’s Project Zero vulnerability research program may have dropped more zero-day vulnerabilities—this time on Apple’s OS X platform,” Dan Goodin reports for Ars Technica. “”
“In the past two days, Project Zero has disclosed [three] OS X vulnerabilities,” Goodin reports. “At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine.”
‘Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs,” Goodin reports. “And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities.”
Read more in the full article here.