Hacker News new | past | comments | ask | show | jobs | submit login

There are 3 steps needed to exploit this attack vector (assuming no wetware exploits):

1. Download the file. Any website can do this by design.

2. Get LaunchServices to open the file. This requires at least one vulnerability.

3. Bypass quarantine. This requires at least one additional vulnerability.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: