The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.1 and is prone to an untrusted search path vulnerability. A flaw is present in the application, which fails to properly handle a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature. Successful exploitation could allow local users to bypass intended Gateke ...