
iOS and Mac OS X are regarded by Apple as extremely secure operating systems, but it seems like security researchers have a new trick up their sleeve every time Apple blinks an eye.
The newest security flaws are known as zero-day exploits and affect the security of your passwords stored in the Keychain Access application, as well as other password-sensitive applications on your machine, whether it's an iOS or OS X device. The malicious code can be a part of any sand-boxed application on your machine, such as the ones you download from the Mac App Store, and can put your security at huge risks.
The exploits are effective across a wide range of applications and features on a Mac or iOS mobile device, including iPassword, Chrome, Dropbox, Evernote, Instagram, Pocket, and many others, as MacRumors notes.
Much like the case of the E-mail phishing HTML bug that we reported on about a week ago, the researchers behind this exploitation process went to Apple first and haven't heard back from the company in more than 6 months. As a result, Luyi Xing, the lead security researcher, is now publicizing their work to attempt to raise awareness and exacerbate the problem enough to force Apple to immediately fix the problem.
This is big and Apple needs to fix it. The company was probably too busy working on stability updates for OS X El Capitan and iOS 9 to answer the needs of the researchers in the time requested. Apple will certainly fix the problem in due time now that the public is aware of it.
Sources: Full Report via MacRumors
Message