March 17, 2019 IBOMLLC Team

Google’s Project Zero warned Apple of a high-severity vulnerability in macOS but no patch has been issued thus far

Innov8tiv
Innov8tiv – Blacks In Technology in USA, UK, Caribbean Islands & Africa

When it comes to cybersecurity, Apple’s devices have been praised for being among the best in the market; if not the best. However, an elite cybersecurity task force set up by Google – Project Zero – has discovered a flaw in the macOS desktop operating system they are terming “high-severity” vulnerability.

According to Project Zero, the zero-day vulnerability leaves such a gaping hole that an attacker could exploit the system without the victim ever noticing a thing. The said vulnerability stems from copy-on-write, a macOS process enabled by Apple’s XNU kernel, which works with anonymous memory and file mapping.

The memory being copied on a Mac computer is not sufficiently protected against modification thus the copy-on-write process can be easily exploited by attackers to copy malicious codes.

According to a blog post by the security researchers working for Project Zero, “This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug.”

Project Zero gave Apple 90-days period but nothing was done

The name Project Zero might be familiar to you, it is the same cybersecurity agency that first discovered …read more

Read more here:: Google’s Project Zero warned Apple of a high-severity vulnerability in macOS but no patch has been issued thus far

      

IBOM LLC

We're passionate about your business and we only offer the best solutions.