MacKeeper OS X and iOS utility has been patched against a remote code execution zero day vulnerability. The flaw is in the software utility s URL handler implementation. An attacker luring a victim to a malicious webpage could exploit the vulnerability and run code on the compromised machine, if the user is authenticated to the utility. The vulnerability was disclosed on Friday after it was patched by researchers at SecureMac. The company said it is not aware of any attacks exploiting this vulnerability, and that it patched the issue within hours.
Source: https://threatpost.com/mackeeper-patches-remote-code-execution-zero-day/112721/