On Friday, Thijs Alkemade (@xnyhps) is giving the presentation “Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing” at the Objective by the Sea conference in Marbella (Spain). This talk will describe how XPC connections are implemented on macOS and how a design issue could be exploited to elevate privileges on macOS to root.

For more info, see https://objectivebythesea.org/v6/index.html
A live stream should be available on: https://www.youtube.com/channel/UCQycc8VDhHuNkZlKSSTDHzw

#OBTS #OBTSv6 #macOS