Apple's latest and sensuality and eroticism fueled by emotiongreatest operating system, macOS High Sierra, hit the digital airwaves on September 25 — promising a free upgrade to Macs around the world with at least 2GB of memory. And while the OS is chock-full of exciting new features, it's the vulnerabilities that have at least one security researcher excited.
That's because it turns out that, with just a little bit of effort, hackers can steal all your passwords off a computer running High Sierra. Which, frankly, is not a good look for Apple.
SEE ALSO: Apple is cleaning up account security in macOS High SierraAccording to security researcher Patrick Wardle, he was able to run an unsigned app on the new OS that could steal plaintext passwords. He posted evidence of his proof of concept to Twitter, and included a link to a video demonstrating an app he dubbed "keychainStealer."
This Tweet is currently unavailable. It might be loading or has been removed.
"I discovered a flaw where malicious non-privileged code (or apps) could programmatically access the keychain and dump all this data .... including your plain text passwords," he explained on Patreon. "This is not something that is supposed to happen!"
Importantly, he noted that while he has only tested High Sierra, it appears that El Capitan is vulnerable as well. But the news isn't all bad, as Wardle emphasized that for this to work your computer would first have to be infected with malware.
"As this is a local attack, this means a hacker or piece of malware must firstinfect your your Mac," Wardle reassured concerned readers. "Typical ways to accomplish this include emails (with malicious attachments), fake web popups ("your Flash player needs updating"), or sometimes legitimate application websites are hacked (e.g. Transmission, Handbrake, etc)."
Apple, for its part, isn't that impressed with the exploit — although a spokesperson confirmed they are looking into it.
"macOS is designed to be secure by default, and [Apple security feature] Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval," the spokesperson told Mashablevia email. "We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents.”
This Tweet is currently unavailable. It might be loading or has been removed.
Wardle, meanwhile, is thankfully not looking to steal all your passwords. Instead, he contacted Apple about the exploit before going public and believes the company's engineers are in the process of patching the High Sierra holes.
"As my discovery of this bug and report (in early September) was 'shortly' before High Sierra's release, this did not give Apple enough time to release a patch on time," he wrote. "However, my understanding is a patch will be forthcoming!"
Essentially, it all boils down to this: Don't download sketchy apps, and make sure you always update your OS to the latest version in order to receive any and all patches. And, regardless of the specific threat posed by Wardle's findings, that's some basic security advice to live by.
Topics Apple Cybersecurity
Apple is advertising on Elon Musk's X again
This New York Comic Con cosplay is the all
Safelite has seen 'Saturday Night Live' sketch, and they aren't happy
A Batman video game showed a real image of a slain Russian ambassador
Ms. Frizzle spotted at Science Marches across the globe
Watch Claire and Jamie's sexy Outlander reunion in this preview video
Costco will finally deliver all those giant bulk items with its new grocery service
Say hello to Apple's new iOS 11 emoji
Elon Musk's DOGE.gov website can apparently be edited by anyone
Be your own publicist: How to use your resume to really sell yourself
Best Amazon deal: Save 20% on floral and botanical Lego sets
'Marvel's Runaways' premieres first episode at New York Comic Con
Be your own publicist: How to use your resume to really sell yourself
Download this: Apple Music's Facebook bot suggests songs based on emoji
Super Bowl LIX livestream: Watch Eagles vs Chiefs on Tubi
Microsoft's Joe Belfiore just buried Windows Phone...on Twitter
'The X
A new Star Wars trailer is dropping during Monday Night Footbal
Sri Lanka vs. Australia 2025 livestream: Watch 1st ODI for free
Safelite has seen 'Saturday Night Live' sketch, and they aren't happy
Why are these descriptions of cheese so horny?This is what Donald Trump thinks of 'BlackSnapchat is more popular than everBreaking news: 'Hidden Fences' is NOT an actual film, Michael KeatonThink FaceApp's privacy policy is sketchy? We've got some news for you.Tesla driver kills pedestrian with Getaround rentalIBM reveals new pride logo as a wave antiWoman discovers sneaky seal hiding in her back gardenTerrified swimming elephant stays afloat in a fantastic Photoshop battleHate new Twitter? How to get back old Twitter.5 frosty TV shows to cool you the hell downThink FaceApp's privacy policy is sketchy? We've got some news for you.J.K. Rowling shares spectacularly awkward anecdote about drunk man in barWhy Apple buying Intel's modem business is a big deal for the iPhone'Fortnite' update lets you watch 'Fortnite' while playing 'Fortnite'Put these keywords in your YouTube video title if you want more viewsVladimir Putin wanted a President TrumpSamsung says an improved Galaxy Fold will launch in SeptemberTop Bollywood filmmaker Karan Johar comes out of the closet, nearlyVladimir Putin wanted a President Trump NYT Strands hints, answers for November 5 NYT Connections hints and answers for November 5: Tips to solve 'Connections' #513. Celtic vs. RB Leipzig 2024 livestream: Watch Champions League for free Best speaker deal: Save $30 on the JBL Clip 5 Spacecraft watches lonely Earth and moon fade into the distance Best Bose speaker deal: Get $100 off the Bose SoundLink Max Walmart deal of the day: Get $50 off the Ninja CREAMi Oregon vs. Michigan football livestreams: kickoff time, streaming deals, and more Best cordless vacuum deal: 30% off Dyson V11 Origin Cordless Best free TV deal: Buy 85 How to identify AI Best tablet deal: Save 50% on the Amazon Fire HD 8 Kids and Fire HD 8 Kids Pro tablets Indiana vs. Michigan State football livestreams: kickoff time, streaming deals, and more Watch live updates of the 2024 U.S. election on your iPhone Lock Screen — here's how NYT Connections Sports Edition hints and answers for November 2: Tips to solve Connections #41. Best 4K TV Deal: Save $300 on the 65 Amazon's Prime Video launches AI Is NFL RedZone down? Users report issues during Week 9 Today's Hurdle hints and answers for November 5 NYT Connections hints and answers for November 3: Tips to solve 'Connections' #511.
1.7165s , 10195.1015625 kb
Copyright © 2025 Powered by 【sensuality and eroticism fueled by emotion】,Wisdom Convergence Information Network