BuggyCow zero-day vulnerability

March 4th 2019

Google's Project Zero announced an unpublished exploit in macOS. Named BuggyCow, is a memory exploit to gain unauthorized privileges.

Wired:

On Friday, Google's Project Zero researchers quietly published a forum post outlining a previously unknown vulnerability in MacOS, which they call BuggyCow, in a piece of proof-of-concept demonstration code. The attack takes advantage of an obscure oversight in Apple's protections on its machines' memory to enable so-called privilege escalation, allowing a piece of malware with limited privileges to, in some cases, pierce into deeper, far more trusted parts of a victim's Mac.

The vulnerability is reportedly a sophisticated attack and it's unknown if it's ever been successfully deployed. The exploit was released after over three months of notifying Apple. There doesn't seem to be much to do to counteract the exploit at this moment.

BuggyCow zero-day vulnerability

Recent Articles

Browse and search for more articles


Home	About	Advertising	Search
Copyright 1995-2024 Insanely Great Mac. All rights reserved. Privacy Statment \| Terms of Service \| Editorial Policy