https://www.zdnet.com/article/macos-mojave-zero-day-privacy-bypass-bug-revealed-on-the-day-of-download/
Talk about a zero day. Apple released their new operating system Mojave (10.14) and someone already found a way to access private data. The person who discovered this vulnerability was unable to get through to Apple’s security team. The best news is that this vulnerability does not affect the whole system but the details of what it does leave vulnerable is left to the imagination. In the video example from the link you can watch from Terminal the access and copying of the users Address Book. Apple doesn’t get caught with their pants down too often. Kudos to the discoverer.
Xinteng Chen says
Hi Brock
Thanks for sharing this information to us. It is important to test and detect the weaknesses on a system before it is used by users. If the vulnerabilities are found earlier, the company can easily fix the weaknesses. It is a way to reduce costs for products development. In formation protection is a basic function for users. Therefore, the finding is important to the new system.