New macOS Security Bug Unlocks App Store With Any Password

New macOS Security Bug Unlocks App Store With Any Password

Back at the tail end of November, Apple had to rush out an emergency security patch after news of a serious security flaw surfaced in macOS High Sierra. That bug allowed users to log into a system by typing “root” for a login, then hitting enter for a login attempt several times in a row. Now there’s a new bug; it isn’t as much of a risk as that one, but it’s still a significant issue.

The bug appears limited to High Sierra (Sierra isn’t affected), and has been verified by Macrumors as existing in 10.13.2, the latest version of the operating system. Macrumors states that it cannot reproduce the error on the beta versions of macOS 10.13.3, suggesting it’ll be fixed in an upcoming release. Nevertheless, it remains active for now.

Reproducing the bug is fairly simple and involves the following steps, as laid out by eholtam, who found the bug:

1) Log in as a local admin2) Open App Store Pref pane from the System Preferences3) Lock the padlock if it is already unlocked4) Click the lock to unlock it5) Enter any bogus password

The expected behavior, obviously, is that the login attempt will fail. The actual behavior is that the login and unlock attempt works perfectly. The bug only works when you’re logged into an administrative account, but it’s another example of how Apple seems to have dropped the ball on setting user policies and permissions properly. While not nearly as risky as the earlier login bug, Apple clearly didn’t perform some due diligence testing it needed to engage in. Being able to change preferences in the App Store allows you to change the schedules for app updates, system updates, and security updates. Flipping those settings could be used in conjunction with another attack to ensure a system wasn’t patched to close a security hole, though local access or at least administrator access from a remote location are required.

The optics of the situation are worse, given that Apple specifically declared it would revisit its practices to prevent a reoccurrence. Back in late November, the company wrote: “We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”

Clearly that audit isn’t quite finished yet. There’s no current workaround to this issue, so the only real option is to wait for Apple to provide a solution.

Continue reading

Sony Will Unlock the PS5’s Expandable Storage by This Summer
Sony Will Unlock the PS5’s Expandable Storage by This Summer

The PlayStation 5 will finally be able to boost its internal capacity this summer, with M.2 drive support arriving along with new fan profile updates.

Samsung Breaks the Galaxy Z Fold3’s Cameras If You Unlock the Bootloader
Samsung Breaks the Galaxy Z Fold3’s Cameras If You Unlock the Bootloader

Unlocking allows you to root a phone and make changes to the core software. Naturally, most device makers discourage this behavior, but Samsung's setup on the Fold3 is downright hostile to modders.

Oculus Gives Discontinued Oculus Go a New Lease on Life with Unlocked Software
Oculus Gives Discontinued Oculus Go a New Lease on Life with Unlocked Software

The release of the Oculus Go in 2018 was an important step for Facebook's Virtual Reality division, but the product was short-lived. After being made obsolete by the Oculus Quest, the company discontinued the Go in 2020. Still, Facebook sold millions of the standalone headsets, and now they're more capable thanks to an unlocked software update.

Software Utility and BIOS Reportedly Unlock Full Mining Capabilities on Nvidia GPUs
Software Utility and BIOS Reportedly Unlock Full Mining Capabilities on Nvidia GPUs

A crafty software developer has created a workaround for Nvidia's Low Hash Rate GPUs to restore them to full mining power.