One of the security fixes announced in OS X 10.10.3 was a puzzle. In the words of Apple’s description:
Security - Code Signing
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Tampered applications may not be prevented from launching
Description: Applications containing specially crafted bundles may
have been able to launch without a completely valid signature. This
issue was addressed by adding additional checks.
The problem with that is that vulnerabilities the reports cited are nowhere to be found, presumably confidential to Apple.
Patrick Wardle, who found and detailed the vulnerability in Gatekeeper which allows dylib hijacking, has just tweeted:
#dylibhijack on OS X 10.10.3 still bypasses Gatekeeper allowing unsigned code to run 😐
So whatever vulnerability Apple may have fixed in 10.10.3, Gatekeeper is still vulnerable, and dlyib hijacks still fair game. Sorry for that bad news.