Apple's OS X 10.10.2 to Fix Security Vulnerabilities Exposed by Google's Project Zero
Google's security team, Project Zero, this week disclosed to the public several security vulnerabilities in OS X, some three months after the issue were shared with Apple (via Ars Technica). While Apple has not commented officially on the issues, it appears one has already been patched and iMore reports the remaining two are fixed in OS X 10.10.2, which is currently in developer testing.

Project Zero works to discover security vulnerabilities of various operating systems and software, giving their owners 90 days notice to patch the issues before publishing their findings to the public. In their markup of Apple's OS X, problems involving memory corruption, kernel code execution, and a sandbox escape were all discovered by the team. Ars Technica notes:
At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine. [...]
Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs. And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities.
As the 90-day deadline hit during the week, the group began posting its findings online. Google's notes suggest one of the vulnerabilities was fixed with the release of OS X Yosemite, while the other two remained unaddressed.
But as pointed out by iMore, Apple's incoming OS X 10.10.2 update does indeed include fixes for the remaining two vulnerabilities exposed by Project Zero.
[B]ased on the latest build of OS X 10.10.2, seeded [Wednesday] to developers, Apple has already fixed all of the vulnerabilities listed above. That means the fixes will be available to everyone running Yosemite as soon as 10.10.2 goes into general availability.
Google's Project Zero has been disclosing significant security vulnerabilities for a number of months now, previously discovering a few significant Windows issues and sharing them online. The project shines light on much-needed fixes to various operating systems, but sometimes undercuts the point of security, as in that Windows case that's left users' systems more vulnerable with the publicized knowledge before Microsoft could properly fix it. Still, the 90-day window before public disclosure is intended to give companies time to fix the issues while also giving them incentive to do so in a timely fashion.
Popular Stories
iOS 18.3 was released last month, so the first iOS 18.4 beta should be coming soon. iOS 18.4 is expected to be a more substantial update for the iPhone, with several new features and changes related to Apple Intelligence and beyond.
Apple's website suggests that iOS 18.4 will be released in April, following beta testing. Below, we outline what to expect from the update so far.
Apple...
Apple today announced the launch of a new app called "Invites," which is designed to allow users to plan events like birthday parties, graduations, vacations, baby showers, and more.
"With Apple Invites, an event comes to life from the moment the invitation is created, and users can share lasting memories even after they get together," said Brent Chiu-Watson, Apple's senior director of...
Apple does not approve of the "Hot Tub" pornography app that was released for the iPhone in the EU using alternative app distribution, Apple said in a statement to MacRumors. Further, Apple is concerned about the potential user safety risks with a pornography app, and says that it undermines consumer trust in the Apple ecosystem.
We are deeply concerned about the safety risks that hardcore...
Apple hasn't refreshed the Apple TV since 2022, but rumors suggest that we're finally going to get an update in 2025. We don't have a full picture of what to expect yet, but we have some hints on what's coming.
Subscribe to the MacRumors YouTube channel for more videos.
Updated A-Series Chip
The current Apple TV 4K uses the A15 Bionic chip that was in the iPhone 13 lineup, and it's time for...
Apple this week increased the prices for its monthly AppleCare+ subscription prices for the iPhone, raising the cost by 50 cents for all models in the United States.
Standard AppleCare+ for the iPhone 16 models is now priced at $10.49 per month, for example, up from the prior $9.99 per month price. The 50 cent price increase applies to all available AppleCare+ plans for Apple's current...
Apple's next-generation iPhone SE could debut as soon as next week with a launch to follow later in February, reports Bloomberg's Mark Gurman. Apple isn't expected to hold an event for the iPhone SE 4, and will instead unveil the device through a press release.
The iPhone SE 4 is expected to have an iPhone 14-style design, with Apple eliminating the thick bezels and Touch ID Home button of...
Apple is internally testing iOS 18.3.1 for iPhones, according to our website's analytics logs, which have been a consistently reliable indicator of upcoming iOS versions. The software update should be released within the next few weeks.
iOS 18.3.1 should be a minor update that addresses software bugs and/or security vulnerabilities. Apple Intelligence notification summaries for news and...
Disney+ lost 700,000 subscribers worldwide in recent months, according to Disney's earnings results for the first quarter of 2025.
Disney said it now has 124.6 million Disney+ subscribers, a decrease of 0.7 million compared to its subscriber numbers in the fourth quarter of 2024. The drop in subscribers comes after Disney+ prices increased in the fall. Disney+ with Ads went from $7.99 to...