Google Project Zero Discloses “High Severity” macOS Kernel Flaw After Apple Doesn’t Fix It

Apple has a wee bit of a problem on its hands as Google’s Project Zero has disclosed a kernel flaw that is very serious. Google went this route as Apple didn’t patch the flaw within Google’s 90-day window for such discoveries to be fixed. Or put another way, the flaw was reported in November, and the 90-day window expired without a fix. That looks bad for Apple, as a company that claims to take these sorts of issues seriously clearly didn’t take this one seriously.

But over to the flaw. It allows an attacker to modify a user-owned mounted filesystem image without informing the virtual management subsystem of the changes, meaning a hacker can tweak a file system image without the user’s knowledge. That of course is very bad. Apple claims that it will fix the issue. But one wonders why it takes a public disclosure for Apple to fix this. Tim Cook and company have some explaining to do, especially given their recent track record of epic bugs.

One Response to “Google Project Zero Discloses “High Severity” macOS Kernel Flaw After Apple Doesn’t Fix It”

  1. […] that Apple asked me to make. Because after all, Google just did that to get Apple’s attention when Google’s Project Zero group uncovered a serious exploit in macOS last November and were forced to go public with it when Apple couldn’t or wouldn’t fix it within […]
