• Test

Apple, Google

Google’s Project Zero Reveals Three OS X Vulnerabilities

OS X Vulnerabilities

Google’s Project Zero security team has revealed three vulnerabilities found in Apple’s OS X. Project Zero has a policy that simply states the software maker has 30 days in order to fix the bug or it will be made public. The reasoning is that in 30 days a company should be able to resolve any serious threats and if not this will motivate them to get it done.


These vulnerabilities are definitely not the end all be all of computer vulnerabilities, but they can be quite troublesome. The first flaw that has been dubbed “OS X networkd”effective_audit_token” XPC type  confusion sandbox escape,” would allow someone to get around network settings that are set on the computer.

The second vulnerability code named “OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator” would allow a hacker to run a program and set it as a priority over all other items on the computer.

The third vulnerability “OS X IOKit kernel memory corruption due to bad zero in IOBluetoothDevice” is an exploit to the OS X kernel structure.

A potential attacker could use these vulnerabilities to raise their privilege levels effectively letting them take control of the computer.

An interesting note on Apple’s product security page states that:

For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. Apple usually distributes information about security issues in its products through this site and the mailing list below.

Google has been known to publish vulnerabilities as it has done so in the past to Micosoft, as well as other companies. In most cases, they are fixed before Google has the chance to publish them but it would appear Apple has yet to address this issue.

Previous ArticleNext Article
Scott Hartley is the developer and owner of The Daily Exposition who is also a tech enthusiast and writes the majority of content found on the website. When he isn't keeping up to date with the latest and breaking technology news, he is working on his own WordPress plugins, themes, or out exploring the world.

Leave a Reply

Your email address will not be published. Required fields are marked *