Recherche : [khronokernel]

CVE-2024-27822: macOS PackageKit Privilege Escalation https://khronokernel.com/macos/2024/06/03/CVE-2024-27822.html

05/06/2024 08:41:53

Another fun exploit! This time with local privilege escalation through Apple’s PackageKit.framework when running ZSH-based PKGs 🎉.

CVE-2024-34331: Parallels Repack Privilege Escalation https://khronokernel.com/macos/2024/05/30/CVE-2024-34331.html

30/05/2024 19:50:15

Another day, another accidental exploit 🥳. This time abusing Parallels Desktop’s trust in macOS installers, gaining local privilege escalation!

macOS' Rapid Security Response: Designed into a Corner https://khronokernel.github.io/macos/2023/04/18/RSR.html?s=09

03/05/2023 22:45:58

With macOS 13.3.1 dropping a few weeks ago, some people have been wondering what happened to Apple’s featured “Rapid Security Response” system they showed off back at WWDC 2022? For some reason, Apple keeps shipping their usual slow, bulky security updates as opposed to the new small and “rapid” security updates.

Today we’ll look into how the Rapid Security Response was implemented and how Apple’s Engineers designed themselves into a corner with this new system.

Liens par page

Filtres