
After exposing three critical zero-day vulnerabilities in Microsoft's Windows
operating systems, Google's Project Zero vulnerability research program
has revealed the existence of three more zero-day vulnerabilities, but
this time, on Apple's OS X platform.
The team has published three zero-day exploits for Apple’s OS X, with
sufficient information for an experienced hacker to exploit the bugs in
an attack. Of course, the details about the zero-days were not released
without alerting Apple to these issues.
FIRST ZERO-DAY VULNERABILITY:
The first flaw, "OS X networkd 'effective_audit_token' XPC type
confusion sandbox escape," allows an attacker to pass arbitrary commands
to the networkd OS X system daemon because it does not check its input
properly.
The flaw may already have been mitigated in OS X Yosemite, but there is no clear explanation of whether this is the case.
SECOND ZERO-DAY VULNERABILITY:
The second and third vulnerabilities are both related to OS X's low-level I/O Kit kernel framework.
The flaw, "OS X IOKit kernel code execution due to NULL pointer
dereference in IntelAccelerator," gives local users who can execute code
on an OS X machine root or superuser access through null pointer
dereferencing, allowing privilege escalation.
THIRD ZERO-DAY VULNERABILITY:
Last but not least, "OS X IOKit kernel memory corruption due to
bad bzero in IOBluetoothDevice," gives an attacker the ability to write
into kernel memory, potentially allowing them to crash systems or
access private data.
None of the three OS X vulnerabilities appears to be highly critical,
because none of them can be exploited remotely: all of them require
physical access to the targeted computer in order to cause any real
damage. However, the main concern is that the exploits
could be combined with a separate exploit to elevate lower-level
privileges and gain control over vulnerable Macs.
GOOGLE PROVIDED POC OF ALL THREE FLAWS:
The team has also made proof-of-concept (POC) exploit code available,
which provides enough technical detail to write attack code. Google
privately reported the flaws to Apple on October 20, October 21, and
October 23, 2014. After the expiration of the 90-day disclosure period,
the company published all of the bugs.
GOOGLE’S PROJECT ZERO TEASED MICROSOFT:
It is no surprise that Google's Project Zero has published
vulnerabilities that are yet to be patched. In the past few weeks, the
team has disclosed three separate security flaws in Microsoft's Windows
operating system before Microsoft planned to patch them.
Google's Project Zero is an initiative that identifies security holes in
different software and calls on companies to publicly disclose and
patch bugs within 90 days of discovering them. The company’s tight
90-day disclosure policy encourages all software vendors to patch their
products before they get exploited by hackers and cybercriminals.
Apple has not provided any details about repairing the issues. However,
on the company's product security page, the iPad and iPhone maker
states, Apple does not "disclose, discuss or confirms.