Live by the sword, die by the sword. Google Project Zero is all about identifying, reporting and then publicizing zero day exploits. Their most recent target is Apple’s OS X desktop operating system, though the vulnerabilities and exploits posted aren’t particularly threatening. However, with the release of OS X 10.10.2, all will soon be patched.
That stands in stark contrast a number of recent zero day Microsoft Windows vulnerabilities and exploits — dangerous stuff that Redmond was slow in patching.
Of the three OS X vulnerabilities and the related exploits revealed by Google Zero Day last week, Apple apparently patched one with the release of OS X Yosemite. The other two vulns, which require knowledge of and physical access to the Mac, will apparently be patched with the release of OS X 10.10.2, according to iMore.
To whit, Ars Technica adds that OS X 10.10.2 also includes a fix for the so-called Thunderstrike exploit.
That said, OS X 10.10.2 Update, development of which appears to be winding up, could arrive any time now.
Although Google Project Zero has only been around for about six months, it is already making an impact with Microsoft, which is used to a higher level of respect (deference) from hackers, on the receiving end of the most public humiliation. To date, humiliation has been the worst of it, though it’s not hard to imagine worse is yet to come.
Is Google Project Zero a good thing™ or should searchzilla just chill the eff out…
What’s your take?