Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Google Shares Details on Unpatched 'High Severity' macOS Kernel Flaw
Google's Project Zero team in November found a "high severity" macOS kernel flaw that was recently disclosed (via Neowin) following the expiration of a 90 day disclosure deadline.
As explained by Google, the flaw allows an attacker to modify a user-owned mounted filesystem image without informing the virtual management subsystem of the changes, meaning a hacker can tweak a file system image without user knowledge.
Google then publicly shares details on security flaws when a bug is fixed or when the 90-day deadline expires. Apple was informed of the bug in November, and the 90 day period elapsed without a fix.
Mac users should, as always, be wary of the files they're downloading to avoid attacks like this, making sure to download files only from trusted sites. It's not known if this is a bug that's easy to exploit, but Google has marked it as severe because it has the potential to bypass macOS safeguards.
As explained by Google, the flaw allows an attacker to modify a user-owned mounted filesystem image without informing the virtual management subsystem of the changes, meaning a hacker can tweak a file system image without user knowledge.
This copy-on-write behavior works not only with anonymous memory, but also with file mappings. This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem.According to Google, Apple has not yet fixed this issue. Apple is planning to implement a fix in an upcoming software update, however.
This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug. MacOS permits normal users to mount filesystem images. When a mounted filesystem image is mutated directly (e.g. by calling pwrite() on the filesystem image), this information is not propagated into the mounted filesystem.
We've been in contact with Apple regarding this issue, and at this point no fix is available. Apple are intending to resolve this issue in a future release, and we're working together to assess the options for a patch. We'll update this issue tracker entry once we have more details.Google released the details on the bug without a fix from Apple because of its Project Zero policies. After discovering a security flaw, Project Zero provides details to the company that makes the software, providing them with 90 days to fix it before disclosure.
Google then publicly shares details on security flaws when a bug is fixed or when the 90-day deadline expires. Apple was informed of the bug in November, and the 90 day period elapsed without a fix.
Mac users should, as always, be wary of the files they're downloading to avoid attacks like this, making sure to download files only from trusted sites. It's not known if this is a bug that's easy to exploit, but Google has marked it as severe because it has the potential to bypass macOS safeguards.
Tag: Google
[ 85 comments ]
Top Rated Comments
(View all)
20 weeks ago
A teenager and Google trying to make Macs more secure :eek: and Apple's reported response to them looks like "talk to the hand". :confused:
What are they doing over in the spaceship? I'm not even remotely technically literate so I'm genuinely curious: is this a sign of internal mismanagement or nothing really of consequence but makes an interesting headline?
20 weeks ago
A teenager and Google trying to make Macs more secure :eek: and Apple's reported response to them looks like "talk to the hand". :confused:
What are they doing over in the spaceship? I'm not even remotely technically literate so I'm genuinely curious: is this a sign of internal mismanagement or nothing really of consequence but makes an interesting headline?
What are they doing over in the spaceship? I'm not even remotely technically literate so I'm genuinely curious: is this a sign of internal mismanagement or nothing really of consequence but makes an interesting headline?
20 weeks ago
But, but, but... New Emojis! No really, look, over here - new emojis! And thinner too!
20 weeks ago
Out of curiosity, has Google's Project Zero disclosed unpatched issues in Google's own software? I've heard of a few directed at Apple products, but none directed at Google's own products...
20 weeks ago
I think the likelyhood of being exposed to this venerability is quite low (assuming they need physical possession of your hardware, to start). What brought me to the forum was to say, I'm glad for news like this. Not that venerabilities aren't bad, but because knowing there are teams identifying and resolving these issues is making a secure future for everyone. Sure, there are people who can flame Apple for not fixing sooner (I'm sure there are legitimate reasons, not some dude saying "nah, not today Google"), but that we have a culture that is pushing security is encouraging.
I'd be interested to know how many negative commenters are knowledgeable in low level kernel/ file system architecture to even reproduce the venerability, let alone patch it to an installed base of millions of users. It's so easy to critique things you don't understand.
I'd be interested to know how many negative commenters are knowledgeable in low level kernel/ file system architecture to even reproduce the venerability, let alone patch it to an installed base of millions of users. It's so easy to critique things you don't understand.
20 weeks ago
Seems like Apple's PR department is the only body capable of making Apple's Security Team care about fixing critical bugs.
20 weeks ago
I have used Macs and MS-based machines for decades. I have never used a google-device or OS, so I cannot speak to the vulnerability of Googleware, but I have never run any anti-virus or anti-adware or other 3rd-party "security" software on any mac I have ever owned, and I have never been hacked, attacked, or noticed any weird pieces of software or unauthorized users on my machines. I don't even keep tabs on what viruses exist for MacOS. From time to time, I have installed anti-virus software just to see if the programs detect anything, but so far, never.
In the Windows world, I have actually never NOT run something. Most past employers/clients who have provided me with MS-Windows based machines have insisted/mandated some form of anti-virus software -- McAffey or Simantec or Norton of something. On the rare occassions I have had such a machine without anti-virus software, I have run into issues. In fact, years ago there was an instance such that I had to re-install my copy of Windows on my laptop, and I got a virus immediately after installing the OS -- apparently there was some hole in the installation that once it "phoned-home" as an admin user, a virus was immediately install onto the machine. It was easy to eradicate, but it essentially installing anti-virus software as part of the OS install.
I am appreciative that Google is out there trying to make everyone's information safer, but making this "vulnerability" public doesn't seem to help anyone.
To the Mac User base listening into this thread -- has anyone ever had a virus on a Mac?
Windows has it's own built in virus checker.
I had a Surface Pro 4 for a year and a Surface Book 2 for a year and never had any issues whatsoever. It really isn't the wild west of viruses like the mid-2000s. If you don't visit shady websites you'll be fine.
20 weeks ago
Any bets on if Apple fixes this within 90 days?
They were informed about this back in Nov. Now the 90-day deadline has already passed.
I'm pretty sure this press release will put more pressure on them to fix this in the next update.
20 weeks ago
This is what happens when you've spent too much on hiring propagandists instead of security researchers and developers.
[ Read All Comments ]
After a busy few weeks of news and rumors, things slowed down a little bit this week, but there were still some major stories worth highlighting. Those include our first hands-on look at dummy models...
For this week's giveaway, we've teamed up with Reolink to offer MacRumors readers a chance to win an Argus 2 wire-free rechargeable home camera and a solar panel for charging it up outdoors.
...
Apple Music has renamed its "The A-List: Hip-Hop" playlist to "Rap Life."
Ebro Darden, global editorial head of hip-hop and R&B at Apple Music, will host a companion...
Samsung is believed to be Apple's exclusive supplier of OLED displays for iPhones, but it may have company soon.
In a research note shared with MacRumors, Barclays analysts said fellow...
1Password has restored the option for customers who originally purchased its iOS app to create a local vault during setup, after users queued up online to voice their frustrations with the fact that...
Apple is planning to open an office in highly desired location in Vancouver, Canada reports Bloomberg. The company has leased space in a 24-story office building at 400 West Georgia owned by...
Elevation Lab, known for its line of popular iPhone charging docks, today released the FamilyCharger, a multi-charging setup designed to allow you to charge all of your devices in one place.
The...
Apple today seeded the third beta of an upcoming macOS Catalina update to its public beta testing group, two weeks after seeding the second public beta and a day after seeding the fourth developer...
