To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
A new Zero Day vulnerability and EXPLOIT allows user escalation on SOME OS X Macs was announced Sunday Morning without notifying Apple in advance by an Italian developer—who should have his developers' permits pulled for that little demonstration of asshattery! However, as I said, and have researched, it only affects a very small sub-set of OS X Macs, those which have had the Developers' Kit installed, because for it to work it has to invoke "a null pointer de-reference in OS X's IOKit — to drop a proof-of-concept payload into a root shell. . ."
However, this IOKit, which is part of the Developers' Kit is not installed on the average users' OS X Mac. I did a complete search for the relevant file on my Mac and it was not found. I have not installed the Developers' Kit or XTools. Ergo, it cannot work on the average Mac.
That does not absolve him of his egregious behavior in releasing his find into the wild prior to giving the publisher time to correct the problem which is the industry practice. — PING!
Apple OS X ZERO DAY Security
Ping!
If you want on or off the Mac Ping List, Freepmail me.
2 posted on
08/16/2015 10:11:22 PM PDT by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: Swordmaker
“Italian developer Luca Todesco...” Brilliant guy.
4 posted on
08/16/2015 10:18:12 PM PDT by
Falconspeed
("Keep your fears to yourself, but share your courage with others." Robert Louis Stevenson (1850-94))
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson