News

Another password bug embarrassment for Apple

Researchers have discovered another password bug that affects Apple’s Mac operating system. This is the third similar discovery in the past few months.
The vulnerability enables anyone to modify someone’s preferences in the company’s AppStore by simply entering a fictitious password. It was revealed by Open Radar, a site for Apple developers.

Any user who could access the computer would be able to switch off app updates, security updates or macOS updates. The glitch is activated by simply hitting the unlock padlock when asked to enter system preferences and then typing anything you want as a password.

This reportedly affects Macs running on older operating systems, before MacOS 10.13, and only relates to preferences for the AppStore.

The latest embarrassment, which reared its ugly head on Wednesday, caused quite a bit of alarm among the security crowd – although experts pointed out that the bug was only a problem if someone else could physically access your Mac.

Four months ago, a researcher revealed how to download passwords by abusing Apple’s Keychain tech. And two months ago, another user discovered that anybody could access a Mac computer by simply entering ‘root’ as the password.

Apple fixed the problem in days, but the PR damage was already done.

Apple, Amazon, Google and Microsoft are presently working on solutions for the Spectre and Meltdown vulnerabilities that can be found in their hardware. These bugs are present in ARM, AMD and Intel microprocessors used by billions of devices, including Macs, iPhones, iPads, PCs and smartphones.

It might enable hackers to gain remote access to every single file stored on your device, including passwords, encryption keys and browsing history.

Intel’s CEO, Brian Krzanich, said earlier this week that they would issue patches for 90% of all devices that were affected by the Spectre and Meltdown bugs within the next two weeks.

Tags

About the author

Chris

I've been a passionate evangelist for Apple and the Macintosh throughout my working life, my first love was a Quadra 605 working with a small creative agency in the south of Norfolk UK in the mid 1990's, I later progressed to other roles in other Macintosh dominated industries, first as a Senior graphic designer at a small printing company and then a production manager at Guardian Media Group. As the publishing and printing sector wained I moved into Internet Marketing and in 2006 co-founded blurtit.com which grew to become one the top 200 visited sites in the US (according to Quantcast), at its peak receiving over 15 million visits per month. For the last ten years I have worked as an Affiliate and Consultant to many different business and start ups, my key skill set being online marketing, on page monetisation, landing page optimisation and traffic generation, if you would like to hire me or discuss your current project please reach out to me here.

You can also follow me on: and

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.