Google’s Project Zero security team claims to have found three vulnerabilities in Apple’s Mac OS X operating system with high severity, that are yet to be patched. According to ZDNet, while all three flaws require an attacker to have access to a targeted Mac, they can all very well contribute to a successful attempt at elevating lower-level privileges and taking over a machine.
The source notes that the first flaw, “OS X networkd “effective_audit_token” XPC type confusion sandbox escape,” involves circumvention of commands in the network system and may already have been mitigated in OS X Yosemite, though it remains unclear whether this is true. The second vulnerability documents “OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator”, while the third one, “OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice” includes an exploit related to OS X’s kernel structure.
Meanwhile, even though Apple has not yet issued an official statement on the issues, iMore points out that in addition to the first vulnerability, the other two have also been fixed in OS X 10.10.2, which is currently in beta (via MacRumors).
“Based on the latest build of OS X 10.10.2, seeded [Wednesday] to developers, Apple has already fixed all of the vulnerabilities listed above. That means the fixes will be available to everyone running Yosemite as soon as 10.10.2 goes into general availability”.
In the past few weeks, the Google-backed program has also published three unpatched vulnerabilities in Microsoft’s Windows operating system.