[Swordmaker]

These are actually NOT zero day vulnerabilities. . . nor are they "exploits" even though there are proof of concepts attached to the findings. Apple was given these in October. All three of the vulnerabilities require physical access to the computer and inputing the code through the Terminal, modifying the code. The first one allows elevation of user privileges to ROOT but ROOT needs to be activated, which is not a default activation on a shipping Mac. None of these are serious vulnerabilities for any kind of remote compromising of the security of the computer or data. Finally, although Apple is aware of these vulnerabilities, Apple does not push out security patches until thorough testing in all possible scenarios is completed.

[Swordmaker]

Google releases what is referred as a ZERO day vulnerability for OS X. In fact THREE of them. . . but they are nothing serious to worry about. All of them require physical access to the Mac and access to the Terminal with suitable passwords. — PING!

Apple Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

[PieterCasparzen]

Sitting at the computer, to me, means not an exploit.

IMHO, anything where the machine needs to ALREADY be compromised is not at fault for compromising a machine.

[dayglored]

Tech writers are such sluts. They have wet dreams just thinking about writing a headline that contains “Apple” or “OS X” and “vulnerability”.

This article is just about a couple of bugs, which require an already compromised machine.

OTOH I like that Google is putting pressure on Apple to speed up their fixes. That’s a historical problem with Apple.

[LearnsFromMistakes]

Apple does not push out security patches until thorough testing in all possible scenarios is completed.

If that were true, they could never ship out another patch. Ever...I agree they do a good job...but no one is THAT good...