Apple patches Google-disclosed vulnerabilities
This time Google's Project Zero caught the big Apple in its net, publishing details of three vulnerabilities in Mac OS X that are rated as high severity. As with the Microsoft vulnerabilities, Google also published proof of concept code that could be used by hackers to exploit the vulnerabilities.
Apple received notice of these vulnerabilities in October and when the 90 day window for fixing them closed, Google's automatic disclosure policy kicked in.
Today Security Week reported that those three vulnerabilities plus the Thunderstrike vulnerability reported in December have been patched by Apple in OS X Yosemite 10.10.2 (beta).