Uninformed: Informative Information for the Uninformed

Vol 8» 2007.Sep

Next: Introduction

OS X Kernel-mode Exploitation in a Weekend

September, 2007

David Maynor


Apple's Mac OS X operating system is attracting more attention from users and security researchers alike. Despite this increased interest, there is still an apparent lack of detailed vulnerability development information for OS X. This paper will attempt to help bridge this gap by walking through the entire vulnerability development process. This process starts with vulnerability discovery and ultimately finished with a remote code execution. To help illustrate this process, a real vulnerability found in the OS X wireless device driver is used.