Google publicly discloses macOS zero-day flaw after Apple misses 90-day bug-fix deadline

“Google has publicly disclosed a zero-day flaw in Apple’s macOS after the Cupertino mobe-maker failed to fix the security shortcoming within the ad giant’s 90-day deadline,” Shaun Nichols reports for The Register.

“The vulnerability itself is relatively minor in terms of danger: it allows malware already running on your Mac, or a rogue logged-in user, to potentially escalate their privileges, and fully take over the computer, by secretly altering the contents of files on user-mounted disks without you noticing,” Nichols reports. “Thus, to exploit the weakness, your computer already has to be compromised, which is pretty much game over for most folks.”

“However, this is Google dropping a proof-of-concept exploit on a tech rival, and it’s therefore caught everyone’s attention,” Nichols reports. “While the Project Zero team says that Apple is aware of the issue and has been planning to patch it, the deadline has passed, meaning the bug and its proof-of-concept exploit are now publicly disclosed as a zero day. It’s not the first time Google has done this, though it’s usually Microsoft that misses the deadline.”

Read more in the full article here.

MacDailyNews Take: We agree with Nichols who posits that because “the bug is so esoteric, it’s probably way down Apple’s to-do list.”

In a nutshell: NBD.


    1. Because doublespeak Cook likes to make money more than honoring his promises about keeping Apple users’ data safe, secure, and private.

      iCloud, as you all should know, is largely run on Amazon and Google servers. By default, your Apple device is set for Google to be the default search engine. Instead of competing against Chromebooks and various user-friendly mobile device configurations, Tim is happy to cede entire swathes of computer markets to Google.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.