As part of our launch manifesto, we committed to openness and transparency, including sharing full details of our research.
About a month ago, Apple released two security advisories which fixed some Project Zero findings. Today, we’re releasing the technical details by making some bugs public. Why now? Generally, we’ll always wait a little while after a patch is available, to give users time to apply the patch.
We won’t be writing a blog post for every set of bugs we make public. The main reason for this particular blog post is to highlight our process for making bugs public. That said, there are some interesting bug details available as of today!
more here...........http://googleprojectzero.blogspot.com/2014/07/mac-os-x-and-iphone-sandbox-escapes.html
About a month ago, Apple released two security advisories which fixed some Project Zero findings. Today, we’re releasing the technical details by making some bugs public. Why now? Generally, we’ll always wait a little while after a patch is available, to give users time to apply the patch.
We won’t be writing a blog post for every set of bugs we make public. The main reason for this particular blog post is to highlight our process for making bugs public. That said, there are some interesting bug details available as of today!
more here...........http://googleprojectzero.blogspot.com/2014/07/mac-os-x-and-iphone-sandbox-escapes.html