New macOS Security Flaw Allows App Store Preferences Unlocking With Any Password

New macOS Security Flaw Allows App Store Preferences Unlocking With Any Password

New macOS Security Flaw Allows App Store Preferences Unlocking With Any Password

Open the App Store settings panel, click on the padlock to make changes, a password prompt pops up, type in any string of text, and the "password" is accepted, unlocking the preferences panel.

Attackers could gain access to your Mac thanks to another security flaw discovered in the latest version of its operating system.

The bug comes hot on the heels of a previous'root user password flaw discovered in December. Apple has reportedly already fixed the latest bug in beta versions of the next macOS High Sierra update which will be rolled out to the public in the coming

There is a security flaw in the most recent edition of macOSHigh Sierra, version 10.13.2, that allows users to unlock the App Store menu in System Preferences without knowing the password. Click the padlock to unlock settings, enter your admin username and any random password, and click Unlock. Flipping those settings could be used in conjunction with another attack to ensure a system wasn't patched to close a security hole, though local access or at least administrator access from a remote location are required. This should unlock the App Store preference for you.

Coming soon after a previous "root user" password flaw discovered in December, as well as the Meltdown and Spectre chip flaws, the timing is likely to shake consumer confidence, however.

Latest partisan gerrymandering decision adds to growing debate
Circuit Court of Appeals. "None of them emphasizes district shapes", he said . "This is a pretty weighty decision". That legislation has bipartisan support, but it's been sitting in committee without a hearing since February 2017.

The impact is small as it's only preferences for one application and, to get to it, you need to log into the operating system - and that password layer seems just fine.

"We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused". Thankfully Apple was quick in issuing an update that fixed the problem, but now it appears that a new password bug has appeared.

Dublin Fire Brigade battle massive blaze beside the airport
AA Roadwatch are advising motorists to drive with care, as the smoke may be affecting visibility on St Margaret's Road. A large fire at a vehicle recycling plant in north Dublin has been brough under control, Dublin fire Brigade said.

In order to reproduce the bug, a user can start by logging in as an admin. There's no current workaround to this issue, so the only real option is to wait for Apple to provide a solution.

'Our customers deserve better. Macrumors states that it can not reproduce the error on the beta versions of macOS 10.13.3, suggesting it'll be fixed in an upcoming release. "We are auditing our development processes to help prevent this from happening again", the company said in a statement to UberGizmo.

LeBron James, Stephen Curry lead NBA All-Star voting in second fan returns
As the second half of the National Basketball Association season tips off, we predict the Eastern Conference playoff picture. I think George will surpass Draymond Green and DeMarcus Cousins because of people liking him more than they like those two.

Related news