You’re talking about a sandboxed app. This app is junk off the internet. It could do literally anything your user creds have the power to do.

Open terminal and try this, or not, but it should explain.

Open terminal in Sierra, enter:

"security dump-keychain -d login.keychain > keychain.txt" (to dump all your keychain objects).

Notice how you are prompted for each item as it iterates through the keychain objects?

If you can do the same in High Sierra without having to authenticate first, then that's the issue. I don't know, I won't know until later when I can test HS.
 
He surely did contact Apple.

Would have been great if he contacted Apple before the OS was released. Just looking for attention. Jerk

Usually infosec do tell the afflicted company early and give a timeline for when they will announce the flaw if it’s not resolved. Likely he was just being appropriately professional and polite by not calling Apple out on not solving it even though they knew.
 
Are you serious?
Yes, serious. You have to provide admin access to this application or it can’t do anything. One of the reasons why the security set up is effective and reasonable is that most things you expect to be able to do don’t require a password. The system isn’t asking you so often that entering a password becomes a common expected response.

If you can get a user to download an app that looks like a file, when they double click on it, they’ll get a message which SHOULD stop them as every other file they’ve opened doesn’t require a password to open.

You simply cannot guard against people that would happily enter their admin passwords to open “Whatyourteacherdoesathome.mp4” or “CotYrCheatSpouse.mov”.
 
Is it known whether this issue only exists on High Sierra or also on Sierra, El Capitan etc.? I doubt that you are "safe" when you stay on 10.12. The issue is probably also there.
 
Just downloaded the installer....and now it's deleted.

I'm going to wait till 10.13.1 is out. I had a funny feeling that High Sierra might have issues with APFS, but this news is much worse than expected!
Your current system is just as affected. This isn’t a new exploit introduced in High Sierra, he just waited until HS was released for maximum impact. Either way, just don’t execute and provide admin access to any file that you don’t know about and you’re fine.
 
To those of you saying that Apple has dropped the ball and that it's an embarrassment that this exploit has been found in High Sierra on day 1: I feel fairly confident this exploit exists in Sierra. I'd guess the dev just didn't check.
 
If you want to get into trouble then quickly install these initial releases :). It's full of bugs, as usual. I have had so many issues with their OS so I stopped doing "beta testing" for them and usually wait for a couple of FPs. I don't like their slow patch release policy too. Sometimes they are aware of bugs, but you have to wait weeks for another regular FP as they don't give a crap to release a hot fix immediately after its creation. But it's great that some people immediately install everything so we can get a bit better releases over time :)
 
Your current system is just as affected. This isn’t a new exploit introduced in High Sierra, he just waited until HS was released for maximum impact. Either way, just don’t execute and provide admin access to any file that you don’t know about and you’re fine.

How do you know this? The wording on his tweet said “On High Sierra.” Some people asked him for clarification but he sadly didn’t reply.

Edit: He clarifies yes, every OS is vulnerable: https://twitter.com/patrickwardle/status/912392633909047296
 
And Apple can do something to ensure that anything purchased through the App Store CAN’T access another app’s data. Basic security 001 is don’t install applications from outside the App Store. There’s no application that's NOT on the Apple Store that has to follow basic security practices. NONE of them. In fact, some exist outside the store BECAUSE what they want to do as a basic function is something that Apple doesn’t allow. Specifically for this reason.

I still say that anytime a security exploit has to start with killing your front door guard and leaving the door wide open (bypassing GateKeeper) is not so much of a security exploit than a brain exploit. Going by this guy’s argument, the fact that I can call you on the phone to go into keychain and give me your password is a security exploit.
Kidding right?
 
If the code is decades old, it's not technically zero-day.
It seems you don’t know what a zero day is, technically. The “0 day” is a reference to a measurement from public or “the good guys” knowledge of the exploit, not release of the software, and not creation of an exploit privately.
 
Would have been great if he contacted Apple before the OS was released. Just looking for attention. Jerk
Given Apple's past behavior, he probably did and they probably threatened to sue him into not exposing the flaw. Just like they did with the flaws exposed by Google's security research team, where Apple aligned with Microsoft to hush the discoveries instead of fixing them.

Remember that Apple is into the appearance of security - basically marketing and media management - not actually doing it.
 
Zero-day means you have zero days' time from the day the vulnerability is disclosed to protect yourself. You're immediately affected.
OK, I've been from the church of counting the days between the introduction of a software and disclosing the vulnerability (zero in this case), but you're obviously right.
 
Kidding right?
Nope :) And that’s why it’s at the top. Almost ALL the exploits I’ve seen recently have involved poorly thinking people installing software from outside the App Store. Just don’t do it, your vector for exploits goes down precipitously.

Me? I install what the heck I want when I want, damn the torpedoes. For ANYONE I expect MIGHT contact me for technical support, I instill the fear of ALL those apps outside the App Store that are only there because “THEY WANT TO DO STRANGE AND PERVERSE THINGS TO YOUR COMPUTER THAT SHOULDN’T BE DONE?!? Why aren’t they on the App Store, huh? WHAT DO THEY HAVE TO HIDE!”
 