Security News > 2016 > March > OS X zero day bug allows hackers to bypass system integrity protection (Help Net Security)
An OS X zero day vulnerability could allow attackers to bypass System Integrity Protection, Apple’s newest protection feature, and to escalate their privileges, simplifying the path to total system compromise in both OS X and iOS systems. According to researcher Pedro Vilaça, who discovered the flaw in late 2015, roughly at the same time as researcher Ian Beer of Google Project Zero, the vulnerability (CVE-2016-1757) is a non-memory corruption bug that exists in all versions … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/vKNWEa19G3A/
Related news
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Zero-day data security (source)
- Phishers send corrupted documents to bypass email security (source)
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-03-24 | CVE-2016-1757 | Race Condition vulnerability in Apple Iphone OS Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app. | 7.0 |