Google has publicly disclosed three vulnerabilities in Apple's Mac OS X operating system, claiming that the firm failed to meet its 90-day patch deadline.
The vulnerabilities were reported by Google Project Zero member 'Ianb', who the made bugs public on 21 and 22 January after disclosing them privately to Apple in October.
Apple had not responded to V3's request for comment at the time of publishing.
The bugs are detailed in the following advisories: networkd [sic] effective_audit_token XPC type confusion sandbox escape, IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator and IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice.
All three bugs require an attacker to have access to the target machine to be exploited, and the 'networkd 'effective_audit_token' XPC' flaw may already have been fixed in Yosemite as it was tested only on OS X version 10.9.5.
It is also unclear whether the flaws are being actively exploited or targeted by hackers, although Google has released proof-of-concept exploits showing how the flaws could be used to mount escalation of privilege attacks or hijack vulnerable Macs.
The OS X bugs follow Project Zero's public disclosure of a Microsoft Windows flaw earlier in January.
Project Zero publicly revealed a flaw in Windows 8.1's NtApphelpCacheControl that could reportedly be exploited by a hacker, with difficulty, to launch an arbitrary executable with elevated privileges.
The disclosure led to a backlash by Microsoft, which claimed that it had responded to Google's private disclosure and asked the firm to delay its public report so that it could release a fix as a part of the January security update.
Microsoft subsequently released a fix for the flaw in the January Patch Tuesday bulletin.
Google launched Project Zero in July 2014, The team initially discloses flaws in private to the firms concerned and gives them 90 days to release a fix before making the research public.
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23