
Google have disclosed three OS X 0days


Google's Project Zero security team has revealed three zero-day vulnerabilities in Apple's OS X, having previously disclosed a number of flaws in Microsoft's Windows operating system.

1.) The first flaw, "OS X networkd 'effective_audit_token' XPC type confusion sandbox escape," allows an attacker to pass arbitrary commands to the networkd OS X system daemon because the input is not properly checked.

2.) The second and third vulnerabilities are both related to OS X's low-level IOKit kernel framework.
The second flaw, "OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator," enables local users to execute code and gain root or superuser access through a NULL pointer dereference.

3.) The final flaw, "OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice," gives an attacker the ability to write to areas of kernel memory, potentially allowing them to cause a denial of service or access private data.

Google has produced a proof-of-concept (PoC) exploit for each of the three flaws above, which provide sufficient technical detail to reproduce and exploit them. Google privately reported the flaws to Apple on October 20, October 21, and October 23, 2014. They have now been disclosed publicly because the 90-day disclosure period has expired.

Posted by will
