Besides having more time to create new macOS security tools, thanks to all your support, I also have more time to write! Something I really love to do ✍ ☺️
I recently found two interesting bugs within the same function in Apple's macOS (XNU) kernel. After reporting them to Apple, I spent the weekend gaining a thorough understanding of each bug and began documenting my findings in 2-part blog post. Part one is now live :)
In part one, I show that armed with a kernel panic report, we are able to track down the faulting instruction and figure out the cause of the panic. Interestingly, I believe this bug, an 'off-by-one' error was intentional, albeit non-maliciously so. Read part one of the blog here! Part two will posted in the upcoming days.
*note: patrons at the 2^3 level and above will generally get early access to blog posts! However, as these two specific posts deal with security vulnerabilities patched in macOS 10.12.4 (that was just released today), I felt full public disclosure was warranted. Mahalo for your understanding!