macOS Zero-Day Vulnerability Disclosed by Project Zero

Researchers from Google’s Project Zero revealed information regarding a macOS zero-day vulnerability, dubbed “BuggyCow,” after Apple failed to address the issue by the 90-day deadline. The copy-on-write (COW) behavior bypass flaw could allow a local user to escalate privileges. The researchers also provided proof-of-concept (PoC) code to exploit the vulnerability. The NJCCIC recommends macOS users review the Project Zero  post and apply the patch if and when one becomes available.

AdvisoryNJCCICmacOS, Zero-Day