Rene Ritchie reports for iMore, “‘Earlier this week we implemented a server-side app security update that secures app data and blocks apps with sandbox configuration issues from the Mac App Store,’ an Apple spokesperson told iMore. ‘We have additional fixes in progress and are working with the researchers to investigate the claims in their paper.'”
“The XARA exploits, recently disclosed to the public in a paper titled Unauthorized cross-app resource access on Mac OS X and iOS, target the OS X Keychain and Bundle IDs, HTML 5 WebSockets, and iOS URL schemes,” Ritchie reports. “While they absolutely need to be fixed, like most security exploits, they have also been needlessly conflated and overly sensationalized by some in the media. So, what’s really going on?”
Much more in the full article – recommended – here.
MacDailyNews Take: A good article that puts the issue in perspective.