New Apple OS X zero-day vulnerabilities revealed

Late last week, Project Zero revealed OS X zero-day vulnerabilities in three separate articles on code.google.com. Though initially the individual vulnerabilities don't appear to be “highly critical,” according to online news sources, if combined with a separate attack, the exploits could allow lower-level privileges to intruders, allowing them to access and control susceptible Macs.

The security flaws were originally reported to Apple in late October 2015 under confidential disclosure, but the recent public reports contain proof-of-concept explore codes, which potentially reveal sufficient technical details to support malicious attacks targeting these newly-exposed vulnerabilities.

Online sources further reveal that all three zero-day disclosures have been published after the 90-day “grace period” that Project Zero gives developers before public announcement.

Sign up to our newsletters