Yesterday Apple released macOS High Sierra to happy Mac owners who couldn't get their hands on the next-gen OS that was free of charge. Of course something had to try to spoil the moment and a security researcher Patrick Wardle, a former NSA hacker who now serves as chief security researcher at Synack, posted a video of the High Sierra hack -- a password exfiltration exploit -- in action. Passwords are stored in the Mac's Keychain, which typically requires a master login password to access the vault. But Wardle has shown that the vulnerability allows an attacker to grab and steal every password in plain-text using an unsigned app downloaded from the internet, without needing that password. Wardle tested the exploit on High Sierra, but said that older versions of macOS and OS X are also vulnerable. Read more about this here.
About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Those using abusive language or negative behavior will result in being blacklisted on Disqus.