Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Google drops three OS X zero-day vulnerabilities on Apple
MacDailyNews ^ | Friday, January 23, 2015

Posted on 01/24/2015 1:41:55 AM PST by Swordmaker

“Don’t look now, but Google’s Project Zero vulnerability research program may have dropped more zero-day vulnerabilities—this time on Apple’s OS X platform,” Dan Goodin reports for Ars Technica. “” “In the past two days, Project Zero has disclosed [three] OS X vulnerabilities,” Goodin reports. “At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine.”

‘Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs,” Goodin reports. “And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities.”

Read more in the full article here.


TOPICS: Computers/Internet
KEYWORDS: apple; computers; computing
These are actually NOT zero day vulnerabilities. . . nor are they "exploits" even though there are proof of concepts attached to the findings. Apple was given these in October. All three of the vulnerabilities require physical access to the computer and inputing the code through the Terminal, modifying the code. The first one allows elevation of user privileges to ROOT but ROOT needs to be activated, which is not a default activation on a shipping Mac. None of these are serious vulnerabilities for any kind of remote compromising of the security of the computer or data. Finally, although Apple is aware of these vulnerabilities, Apple does not push out security patches until thorough testing in all possible scenarios is completed.
1 posted on 01/24/2015 1:41:55 AM PST by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Google releases what is referred as a ZERO day vulnerability for OS X. In fact THREE of them. . . but they are nothing serious to worry about. All of them require physical access to the Mac and access to the Terminal with suitable passwords. — PING!


Apple Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 01/24/2015 1:45:12 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All
Latest OS X 10.10.2 beta kills Google-disclosed vulnerabilities dead

By Rene Ritchie, iMore.com, Thursday, Jan 22, 2015 a 9:54 pm EST

Google's Project Zero research program has disclosed and released proof-of-concept code for a series of 0day — previously unknown — vulnerabilities found in Apple's OS X operating system for the Mac. These exploits are all fixed in OS X Yosemite 10.10.2, now in beta. Here's a report on the vulnerabilities from Ars Technica:

In the past two days, Project Zero has disclosed OS X vulnerabilities here, here, and here. At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine. What's more, the first vulnerability, the one involving the "networkd 'effective_audit_token' XPC," may already have been mitigated in OS X Yosemite, but if so the Google advisory doesn't make this explicit and Apple doesn't publicly discuss security matters with reporters.

These vulnerabilities were reported to Apple in October of 2014 and made public as part of Google Zero Day's 90 day disclosure policy. (You can argue the merit of that policy in the comments below.)

None of these exploits can be used remotely, which means they'd need to be combined with remote exploits or with physical access to the hardware to be put to any practical use.

The first vulnerability, 130, which could result in privilege escalation, contains the following comment:

See https://code.google.com/p/google-security-research/issues/detail?id=121 for a discussion of mitigations applied in Yosemite.

It includes the following:

Apple added some hardening to libxpc in Yosemite - xpc_data_get_bytes now has the following check: [list of checks]

That vulnerability, 121, is marked as fixed and closed as of January 8.

Status: Fixed

Closed: Jan 8

This could indicate the 130 vulnerability is also no longer an issue for people running Yosemite.

What's more, based on the latest build of OS X 10.10.2, seeded yesterday to developers, Apple has already fixed all of the vulnerabilities listed above. That means the fixes will be available to everyone running Yosemite as soon as 10.10.2 goes into general availability.


3 posted on 01/24/2015 1:52:21 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker

Sitting at the computer, to me, means not an exploit.

IMHO, anything where the machine needs to ALREADY be compromised is not at fault for compromising a machine.


4 posted on 01/24/2015 2:28:14 AM PST by PieterCasparzen (We have to fix things ourselves)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PieterCasparzen
IMHO, anything where the machine needs to ALREADY be compromised is not at fault for compromising a machine.

If you have to have a user's password. . . and then an Administrator's Name and password to compromise the machine, it isn't an exploit. . . it's a novelty, a potential to do something with the computer.

5 posted on 01/24/2015 2:37:27 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Swordmaker

Tech writers are such sluts. They have wet dreams just thinking about writing a headline that contains “Apple” or “OS X” and “vulnerability”.

This article is just about a couple of bugs, which require an already compromised machine.

OTOH I like that Google is putting pressure on Apple to speed up their fixes. That’s a historical problem with Apple.


6 posted on 01/24/2015 5:16:33 AM PST by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
Apple does not push out security patches until thorough testing in all possible scenarios is completed.

If that were true, they could never ship out another patch. Ever...I agree they do a good job...but no one is THAT good...

7 posted on 01/24/2015 9:57:09 AM PST by LearnsFromMistakes (Yes, I am happy to see you. But that IS a gun in my pocket.)
[ Post Reply | Private Reply | To 1 | View Replies]

This is new to me. Does Google do the same for Android exploits?


8 posted on 01/24/2015 2:42:26 PM PST by D-fendr (Deus non alligatur sacramentis sed nos alligamur.)
[ Post Reply | Private Reply | To 7 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson