Mac password flaw leaves Apple red-faced

Share

High Sierra (10.13.2) appears to be the only vulnerable version of the OS at present; the vulnerability doesn't appear on MacOS 10.12.6 or earlier.

Anyone hoping to recreate the bug on their own Mac should log in as a local admin, then open the App Store preference pane from System Preferences. This allows you to change settings such as what updates to install, whether to install security updates, and more.

Apple Mac computers running the latest version of Apple's High Sierra operating system have a flaw that lets just about anyone unlock and edit a person's App Store preferences with any password. First noted in a security report on Open Radar, admins can punch in literally any password to gain access. The folks at MacRumors report they were able to successfully bypass the real password by following the above steps on an administrative account, but were not able to trick any other System Preferences login prompts with a bogus password. Click the padlock to unlock settings, enter your admin username and any random password, and click Unlock.

Trump slams 'sneaky' Feinstein over Russian Federation info release
Steele drew upon a range of sources, including figures linked to Russian intelligence, to compile the dossier a year ago . Mr Simpson declined to say who he suspected the whistle-blower to be, but did not think it was a source of Mr Steele's.

Back at the tail end of November, Apple had to rush out an emergency security patch after news of a serious security flaw surfaced in macOS High Sierra.

The bug is nowhere near as risky as the root-access security flaw that was uncovered previous year, whereby attackers could gain root access to MacOS computers by typing "root" in the username field and leaving the password field blank.

"We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused".

Jay Bruce returns to Mets on 3-year deal
He was a three-time All-Star, including in 2016, the year in which he was traded to the Mets. Bruce's deal is for three years, $39 million, The Post's Mike Puma confirmed .

The bug comes hot on the heels of a previous "root user" password flaw discovered in December. Attackers could use that particular vulnerability to install malicious programmes, delete Apple IDs and anything else that they wanted to do.

It's not known when the fix that is included with macOS 10.13.3 beta will ship to all customers, but hopefully the update will reach users soon. "We are auditing our development processes to help prevent this from happening again", Apple said in a statement.

Apple's Jimmy Iovine denied rumours that he's leaving the company
Some of his best work was behind the scenes, he made other people great and I think that's the thing that made him so special. An uncomfortable question for Apple: Did it get its money's worth when it paid Iovine and his partner, Dr.

Share