90 Days: Google Reveals 3 OS X Zero Days

Friday, January 23, 2015 @ 05:01 PM gHale


After exhausting a 90-day grace period, Google released information about and proof-of-concept exploit code for three separate Zero Day vulnerabilities affecting Apple’s OS X operating system.

Privately disclosed to Apple on October 20, 21 and 23, the documents detailing the flaws became automatically public after the usual 90 days that Google’s Project Zero vulnerability research program gives to vendors to fix the flaw before it releases the information.

RELATED STORIES
Google Discloses Windows 8.1 Flaw
Unpatched Windows 8.1 Hole Exposed
Router Flaw Found
Re-engaged: Multi GAE Sandbox Bypasses

Apple did not comment, and the company does not discuss or confirm security issues until they can issue patches or updates to fix them.

The three vulnerabilities are not critical, as they require the attacker to have access to the targeted Mac machine.

The public revelation of these flaws comes a week after Microsoft criticized Google for not being flexible with the disclosure deadline and for disclosing several critical Windows flaws that Microsoft hasn’t been able to patch over the 90-day grace period.



Leave a Reply

You must be logged in to post a comment.