[Swordmaker]

A new Zero Day vulnerability and EXPLOIT allows user escalation on SOME OS X Macs was announced Sunday Morning without notifying Apple in advance by an Italian developer—who should have his developers' permits pulled for that little demonstration of asshattery! However, as I said, and have researched, it only affects a very small sub-set of OS X Macs, those which have had the Developers' Kit installed, because for it to work it has to invoke "a null pointer de-reference in OS X's IOKit — to drop a proof-of-concept payload into a root shell. . ."

However, this IOKit, which is part of the Developers' Kit is not installed on the average users' OS X Mac. I did a complete search for the relevant file on my Mac and it was not found. I have not installed the Developers' Kit or XTools. Ergo, it cannot work on the average Mac.

That does not absolve him of his egregious behavior in releasing his find into the wild prior to giving the publisher time to correct the problem which is the industry practice. — PING!

Apple OS X ZERO DAY Security
Ping!

If you want on or off the Mac Ping List, Freepmail me.

[Swordmaker]

Of course the developers who tested the proof of concept code found it worked on their machines . . . but they had Xcode and the Developers' Kit installed on their Macs they tested it on. You also need to run it on as a user. . . So the worst that could happen is that you download a Trojan File with this script appended. . . and be persuaded through social engineering to install and run it. As always, OS X recognizes and warns users through Gatekeeper about all known Trojans and variants before download, installation, and running any of them.

Surf safely. . .

[RayChuang88]

It should be noted that Apple quietly updates their own anti-malware program inside MacOS X to fix this problem. They’ve done this multiple times to fix known MacOS X vulnerabilities.