Mac password flaw leaves Apple red-faced

Share

High Sierra (10.13.2) appears to be the only vulnerable version of the OS at present; the vulnerability doesn't appear on MacOS 10.12.6 or earlier.

Anyone hoping to recreate the bug on their own Mac should log in as a local admin, then open the App Store preference pane from System Preferences. This allows you to change settings such as what updates to install, whether to install security updates, and more.

Apple Mac computers running the latest version of Apple's High Sierra operating system have a flaw that lets just about anyone unlock and edit a person's App Store preferences with any password. First noted in a security report on Open Radar, admins can punch in literally any password to gain access. The folks at MacRumors report they were able to successfully bypass the real password by following the above steps on an administrative account, but were not able to trick any other System Preferences login prompts with a bogus password. Click the padlock to unlock settings, enter your admin username and any random password, and click Unlock.

Facebook is testing local news and events section for local publishers
For those who have access to the feature, it is accessible via the menu button in the bottom-right of the main Facebook app. The users will then also be able to follow the cities that they do not now live in, like childhood hometown.

Back at the tail end of November, Apple had to rush out an emergency security patch after news of a serious security flaw surfaced in macOS High Sierra.

The bug is nowhere near as risky as the root-access security flaw that was uncovered previous year, whereby attackers could gain root access to MacOS computers by typing "root" in the username field and leaving the password field blank.

"We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused".

Ricky Martin Prenup Signed, It's Official ... I'm a Husband!!!
Jwan is 32 years old, 12 years Ricky's junior, and was raised in Sweden after being born in Syria to a Kurdish family. What you're feeling is not godly, that I'm not a good person if I'm feeling this. 'I want four more pairs of twins.

The bug comes hot on the heels of a previous "root user" password flaw discovered in December. Attackers could use that particular vulnerability to install malicious programmes, delete Apple IDs and anything else that they wanted to do.

It's not known when the fix that is included with macOS 10.13.3 beta will ship to all customers, but hopefully the update will reach users soon. "We are auditing our development processes to help prevent this from happening again", Apple said in a statement.

Rumors: Kylie Jenner dumped by Travis Scott, to confirm pregnancy on 'KUWTK'
Although she has kept a low-profile, sources revealed that Jenner has been using private jets to visit her beau every weekend. The rumors are strong that the 20-year-old makeup mogul is about to announce her pregnancy.

Share