Apple apparently fixed vulnerabilities disclosed last week by Google in OS X Yosemite 10.10.2 beta.
The vulnerabilities ended up sent to Apple in October and Google published them after the 90-day disclosure deadline passed.
One of the flaws was a sandbox escape which appears fixed in OS X Yosemite. The other bugs are a code execution vulnerability and a memory corruption affecting the IOKit kernel.
Another issue reportedly addressed in OS X Yosemite 10.10.2 is Thunderstrike, a serious vulnerability (CVE-2014-4498) demonstrated by researcher Trammell Hudson at the 31C3 security conference in Germany in late December.
The researcher found an attacker with physical access to an Apple device can use the Thunderbolt port to install a highly persistent bootkit on the EFI (Extensible Firmware Interface) boot read-only memory (ROM) within minutes. The malware could spread from one computer to the other via Thunderbolt devices attached to the infected machine.
The proof-of-concept (PoC) malware developed by Hudson doesn’t have a malicious payload, but a weaponized version of the threat can give an attacker total control.
Yosemite 10.10.2 will address this issue on all Macs by preventing replacement of the boot ROM by blocking attempts to roll back the firmware to a previous version that allowed such attacks.