An 18-year-old security researcher from Italy dropped details and proof-of-concept code about the security issue. Luca Todesco’s exploit chains together two vulnerabilities that affect memory processes in OS X 10.5 through 10.10 at kernel level that bypass existing mitigations such as ASLR. The flaw has apparently been addressed in the El Capitan beta version of OS X, according to a post on Github. The risk of a successful attack requires a user to execute a malicious application or download from the Web.
Source: https://threatpost.com/apple-zero-day-remains-unpatched/114333/