DigiNews

Summary

In-depth analysis of Apple's Memory Integrity Enforcement (MIE) and a public bypass (CVE-2026-28952) affecting macOS on Apple Silicon. The piece explains how a 64-bit integer overflow in _zalloc_ro_mut allows an attacker to spill bytes into the RO zone and flip a ucred cr_uid to 0, effectively achieving local root before patch cadence closes the door. It also covers the two-instruction fix, defender implications, and how attackers might chain this with userland primitives.