Home / Apple / New macOS High Sierra Vulnerability Allows Access To App Store System Preferences With Any Password

New macOS High Sierra Vulnerability Allows Access To App Store System Preferences With Any Password

A security bug on the macOS High Sierra was detected on version 10.13.2. The App Store System Preferences will easily unlock when logged in as an administrator and using any password as claimed in a bug report on Open Radar.  ( Josh Edelson | AFP/Getty Images )

The latest macOS High Sierra has a gaping security hole that provides easy access to the App Store system settings, which unlocks using any password.

Gaining entry to the App Store System Preferences was made easy with the bug detected on macOS High Sierra version 10.13.2, courtesy of a report filed on Open Radar. In a recreated scenario, the bug will open the App Store to potential exploits in just a few steps. Users will simply need to log in as local admin, lock the padlock icon, and unlock it anew using a username and a random password.

However, the detected vulnerability is not the same as having root or superuser access. It appears too that Apple has already resolved the issue in the beta version of macOS 10.13.3, which is scheduled to roll out this January.

Cause For Concerns

It’s possible too that the bug exists by design since the App Store System Preferences is unlocked by default when logged in with administrator privileges. This is so because the settings in the same menu are not seen as high-security risks.

The main cause of concern is the lack of a solid protective wall that will deny entry to Apple’s vaunted and sophisticated operating system for personal computing. The App Store that is easy to crack seems unbecoming of Apple, a company that prides itself for having robust security protocol.

It’s noteworthy, though, that in recent months, Apple was compelled to deal with nagging security lapses that put to question the integrity of its products and services, specifically the macOS.

Security researchers called out Apple last September 2017, when an exploit High Sierra was discovered that will allow would-be hackers to lift plaintext password from Keychain. Then in December, macOS was again the subject of vulnerability talks with security experts pointing to the so-called root login bug. The exploit will reportedly provide root access to machines running on High Sierra just by inputting “root” as username, with no password requirement.

These series of security faux pas on Apple’s part served as a huge embarrassment for the company that normally responds in swift and resolved manner in matters of security.

This time around, the App Store having a door open for a potential compromise should serve as a gentle reminder for firm to review its OS updates. With better quality assurance system in play, it’s more likely that bugs and exploits will be minimized or eliminated altogether during update releases.

© 2018 Tech Times, All rights reserved. Do not reproduce without permission.

Source

Check Also

T-Mobile Offers $700 Discount On Second iPhone X; More BOGO Deals Available

Apple apologizes for slowing down older iPhone batteries T-Mobile starts off the year by unveiling …

Nvidia Rolls Out Updated Drivers To Prevent Meltdown Or Spectre From Destroying Your CPU

Meltdown and Spectre: What you need to know about the computer chip flaws Companies struggled …

Apple already ran out of iPhone 6 Plus replacement batteries – BGR

After years of speculation, Apple a few weeks ago finally admitted to purposefully throttling performance …

Leave a Reply

Your email address will not be published. Required fields are marked *