Google Discloses Unpatched 'High-Severity' Flaw in Apple macOS Kernel

Project Zero, a cybersecurity research division at Google, recently disclosed a 'High Severity' flaw in macOS due to the way the XNU kernel allows filesystem image manipulations without informing the operating system.  Copy-On-Write (COW) is a resource management and optimization strategy that allows two processes to access data from the same source without making a copy.  If a change is made, COW makes a copy of the data in the memory so that both processes have the original data accessible.  Project Zero gave a 90 day period to fix the flaw after Apple silently acknowledged the issue.  Apple missed the deadline, causing the exploit to be publicly disclosed.

Relevant URL(s):