Google has publicly disclosed three vulnerabilities in Apple's Mac OS X operating system, claiming that the firm failed to meet its 90-day patch deadline.
The vulnerabilities were reported by Google Project Zero member 'Ianb', who the made bugs public on 21 and 22 January after disclosing them privately to Apple in October.
Apple had not responded to V3's request for comment at the time of publishing.
The bugs are detailed in the following advisories: networkd [sic] effective_audit_token XPC type confusion sandbox escape, IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator and IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice.
All three bugs require an attacker to have access to the target machine to be exploited, and the 'networkd 'effective_audit_token' XPC' flaw may already have been fixed in Yosemite as it was tested only on OS X version 10.9.5.
It is also unclear whether the flaws are being actively exploited or targeted by hackers, although Google has released proof-of-concept exploits showing how the flaws could be used to mount escalation of privilege attacks or hijack vulnerable Macs.
The OS X bugs follow Project Zero's public disclosure of a Microsoft Windows flaw earlier in January.
Project Zero publicly revealed a flaw in Windows 8.1's NtApphelpCacheControl that could reportedly be exploited by a hacker, with difficulty, to launch an arbitrary executable with elevated privileges.
The disclosure led to a backlash by Microsoft, which claimed that it had responded to Google's private disclosure and asked the firm to delay its public report so that it could release a fix as a part of the January security update.
Microsoft subsequently released a fix for the flaw in the January Patch Tuesday bulletin.
Google launched Project Zero in July 2014, The team initially discloses flaws in private to the firms concerned and gives them 90 days to release a fix before making the research public.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally