> What applications or system utilities are affected? Is it remotely exploitable or local only? Does it require elevated privileges?
I thought it was clear. Any report not saying a vulnerability requires elevated privileges means it doesn't. An application means any application. WebKit means possibly anything with WebKit including 3rd party apps. Applications are local. Web content can be remote. Combining exploits could give you kernel privileges remotely.
This is a "actively exploited" zero day bug which means there would be specific applications written to exploit this bug. Which application(s) did that? Who specifically crafted their application to exploit the OS X kernel?
> This is a "actively exploited" zero day bug which means there would be specific applications written to exploit this bug. Which application(s) did that? Who specifically crafted their application to exploit the OS X kernel?
It said Apple is aware of a report that this issue may have been actively exploited. Not aware it was. And possibly any WebKit application can be exploited and used to exploit the kernel.
Good question.
> What applications or system utilities are affected? Is it remotely exploitable or local only? Does it require elevated privileges?
I thought it was clear. Any report not saying a vulnerability requires elevated privileges means it doesn't. An application means any application. WebKit means possibly anything with WebKit including 3rd party apps. Applications are local. Web content can be remote. Combining exploits could give you kernel privileges remotely.