App Store-based password reset vulnerability discovered in macOS High Sierra, appears to be fixed in forthcoming update
Friday January 12, 2018. 12:00 PM , from Power Page
This is why Apple has a team working on security features.
For the third time in recent months, a vulnerability has been discovered in macOS High Sierra.
Back in September, security researcher Patrick Wardle discovered an exploit to snag plaintext passwords from the Keychain utility. Two months later, software developer Lemi Orhan Ergin realized that gaining root access to High Sierra machines was essentially as easy as inputting the username “root,” no password required.
Now, a bug report on Open Radar from earlier this week, affecting version 10.13.2, shows that a user who is already logged in as a local administrator can unlock the App Store system preferences and change them without supplying the real password, via these steps:
1) Log in as a local admin
2) Open App Store Prefpane from the System Preferences
3) Lock the padlock if it is already unlocked
4) Click the lock to unlock it
5) Enter any bogus password; the padlock unlocks anyway
If your Mac has been left logged in and unlocked, anyone with access to it could turn off “automatically check for updates” without knowing your password, leaving the machine’s current bugs unpatched. This is not as serious as the earlier root-login bug, since it only works from an admin session that is already open, but it still leaves more security holes than one would like.
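As an added example, not part of the original article or of the Open Radar report, the following POSIX shell script audits the update settings that the App Store pane controls, so a Mac whose pane may have been unlocked this way can be checked afterwards. It assumes those checkboxes are stored under the `com.apple.SoftwareUpdate` and `com.apple.commerce` preference domains with the key names given in the comments; that mapping is an assumption about High Sierra, not something the article states.

```shell
#!/bin/sh
# Added example, not code from the article or the Open Radar report.
# Audits the update-related settings the App Store prefpane toggles, so a
# machine whose padlock was opened with a bogus password can be checked.
#
# Assumption (not stated on the page): the prefpane checkboxes are backed by
# these plist keys on High Sierra:
#   /Library/Preferences/com.apple.SoftwareUpdate  AutomaticCheckEnabled
#   /Library/Preferences/com.apple.SoftwareUpdate  AutomaticDownload
#   /Library/Preferences/com.apple.commerce        AutoUpdate

# is_enabled VALUE: succeeds when a `defaults read` result means "on".
is_enabled() {
    case "$1" in
        1|true|TRUE|yes|YES) return 0 ;;
        *) return 1 ;;
    esac
}

# assess KEY VALUE: prints one status line and fails when the setting is off
# or unset. Kept separate from the `defaults` call so it can be run against a
# value captured from another machine or from a log.
assess() {
    if is_enabled "$2"; then
        printf 'OK   %s=%s\n' "$1" "$2"
        return 0
    fi
    printf 'FAIL %s=%s (update setting disabled or unset)\n' "$1" "$2"
    return 1
}

# read_key DOMAIN KEY: the stored value, or "unset" when the key is missing or
# the `defaults` tool is not available (i.e. this is not a Mac).
read_key() {
    if command -v defaults >/dev/null 2>&1; then
        defaults read "$1" "$2" 2>/dev/null || echo unset
    else
        echo unset
    fi
}

# check_update_settings: audit all three keys on the local machine.
# Exit status 1 if any of them is off, so it can serve as a health check.
check_update_settings() {
    rc=0
    su_domain=/Library/Preferences/com.apple.SoftwareUpdate
    st_domain=/Library/Preferences/com.apple.commerce
    assess AutomaticCheckEnabled "$(read_key "$su_domain" AutomaticCheckEnabled)" || rc=1
    assess AutomaticDownload     "$(read_key "$su_domain" AutomaticDownload)"     || rc=1
    assess AutoUpdate            "$(read_key "$st_domain" AutoUpdate)"            || rc=1
    return $rc
}
```

Run `check_update_settings` on the Mac itself; on any other system every key reports as unset and the check fails, which is the intended conservative default. If the automatic check has been switched off, `sudo softwareupdate --schedule on` turns it back on from the command line, and the 10.13.3 update should be installed once it ships.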
On the upside, the issue appears to have been resolved with the forthcoming macOS High Sierra 10.13.3 update.
Stay tuned for additional details as they become available.
Via Gizmodo, Open Radar and MacRumors