Google’s Project Zero reveals ‘High Severity’ for Mac OS

Google’s Project Zero has opened up to the world about a “high severity” defect in the MacOS kernel after Apple neglected to fix it within 90 days since the issue came. A security analyst found an issue in XNU that implies it is conceivable to perform illegal activities. The security bug identified with Copy on Write (COW) conduct, empowering an attacker to control file-system pictures without the concerning the operating system. Apple knew about this since last November, however it has neglected to discharge a fix.

XNU has different interfaces that allow making duplicate of Copy on Write information between processes, including out-of-line message descriptors in mach messages. It is essential that the duplicated memory is secured against later updates by the source process; generally, the source process may then destroy double-read in the final process. This duplicate copy can work with file mappings even. This implies, after the final process starts to read from the transferred memory zone, memory pressure can cause the page cache to suspend. Afterward, it can access the file backup system. Thus, this is a great security bug.

MacOS grants the users to mount filesystem pictures and this does not get forwarded into the mounted filesystem. A proof-of-idea has been made to demonstrate the threat in real life. This was kept secret until Task Zero’s 90-day violation was made, and thus this got revealed in front of the media. An analyst associated with the project said that, prior to this situation; no fix is still available from Apple. Apple is aiming to solve this issue in the near future; several ongoing researches are being made to find a proper fix of this issue. They expect they will soon find a way out, and come up with the solution.