PEGASUS iOS Kernel Vulnerability Explained

<p><pre><code> Because we at SektionEins believe keeping the public in the dark about details of already fixed vulnerabilities is wrong... ...use our private jailbreak... </code></pre> i.e. your undisclosed vulnerabilities bad, my undisclosed vulnerabilities are cool.<p>Useful analysis, but casting a marketing endeavor as a public service is rather disingenuous.

Once again demonstrating that the term &quot;zero day&quot; is horribly overused and misused and probably should be eliminated from the lexicon, the OSUnserializeBinary bug doesn&#x27;t appear to be new. Brandon Azad[1] says he discovered it last year. It was fixed in OS X in May. Or maybe the fix didn&#x27;t work since they had to make another patch this week.<p>[1] <a href="https:&#x2F;&#x2F;bazad.github.io&#x2F;2016&#x2F;05&#x2F;mac-os-x-use-after-free&#x2F;" rel="nofollow">https:&#x2F;&#x2F;bazad.github.io&#x2F;2016&#x2F;05&#x2F;mac-os-x-use-after-free&#x2F;</a>

Did these guys just admit they have their own private jailbreak? That seems like something you&#x27;d keep quiet

Apple also released a fix for OS X with its latest update.<p><a href="https:&#x2F;&#x2F;support.apple.com&#x2F;en-us&#x2F;HT207130" rel="nofollow">https:&#x2F;&#x2F;support.apple.com&#x2F;en-us&#x2F;HT207130</a>

Realistically, is this in the wild under active exploit? With the likelihood of infection remote unless one is a UAE-targeted activist?

Are people who never install new apps on their Mac safe without updating for now, or can this be exploited over the web?