Mac security flaws shakes Apple once again - you can open the Mac App Store settings without a password

Apple | Jan 15, 2018 |

Have they completely lost control?

On Open Radar, a security error is reported. Now Apple has revealed as coarse security detectives again.

No longer controls macOS
This hole reminds a lot about the root hole that did not require a password. That error was more serious, but this hole again demonstrates that Apple has no control.

The error applies to latest macOS version 10.13.2 and gives access to the Mac App Store settings without knowing the password. This is possible because the settings are opened with the user's local password, not the iCloud password.

The hole is sealed in beta versions of 10.13.3.
All you need to do is access the hanger icon to lock the settings, press again, enter the current username (it must be a local admin account) and press unlock with any password. That's it. We said it looked like this mistake.

Here are all the mistakes Apple had on the tamp of 2017

December 7 - HomeKit, iOS: Serious security hole shakes Apple again
December 2nd - Mac: The malfunction that did not work for everyone
November 28th - Mac: Full access to macOS without knowing the password - Also worked "remote"
November 30th - Mac: New issue has appeared in macOS after Apple's error fix
November 6 - iOS: Strange Error in iOS 11.1: Users May does not enter "In"
October 26 - iOS: Press 1 + 2 + 3 quickly in the iOS 11 calculator, you hardly get 6

Keywords: Apple, Mac, Macos, Security

Sources: Open Radar


comments powered by Disqus

Page 1 of 438  >  >>

Now Wi-Fi is getting faster


Sep 18, 2019 | Category: IT | Comments

The new standard is officially approved and ready for implementation.

read more…

Volkswagen will create a brand new OS


Sep 17, 2019 | Category: IT | Comments

Invest heavily to create a common operating system for VW-affiliated cars.

read more…

Microsoft September Patch Tuesday Addresses Two Actively Exploited Zero-Day Bugs


Sep 16, 2019 | Category: Microsoft | Comments

This Tuesday, Microsoft has rolled-out its scheduled monthly updates for 80 different bugs. Notably, the September Patch Tuesday update bundle from Microsoft brings fixes for two zero-day bugs under active exploit.

read more…

Page 1 of 438  >  >>