Wednesday, 17 October, 2018

New macOS High Sierra Password Flaw Discovered

macOS High Sierra flaw unlocks App Store System Preferences with any password, fixed in latest beta MacOS 10.13 High Sierra Update: Security Bug Allows Settings Changes Without Password
Frank Williams | 12 January, 2018, 18:10

Regarding the root flaw, an Apple spokesperson said: "We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused". Other sections still require a correct password.

Using the fault, they could disable automatic security updates to take advantage of system vulnerabilities that are regularly patched in the future.

The bug is reproducible by logging in as a local admin, opening App Store preferences from the System Preferences app, locking the padlock if it's already unlocked and then unlocking again by typing in an incorrect password.

While the bug disclosure brings up memories of last year's macOS I Am Root security flap, this latest find is far less serious - although a damning indictment of Apple's quality control.

Attackers could gain access to your Mac thanks to another security flaw discovered in the latest version of its operating system.

Jacksonville Jaguars: Blueprint for victory vs
If he can be effective, it will be a big boost for a Steelers offense that relies heavily on their All-Pro receiver. Pittsburgh had a lead late at home , and had a chance to win the game at the end of the game against the Patriots.

But it looks like Tim Cook's crew has got a little sloppy recently as yet another bug has been found in macOS High Sierra that allows anyone with local administrator access to unlock the App Store menu in the OS System Preferences by using A bogus password.

Experts say it is limited to the App Store and presents a relatively limited security risk. The App Store settings are also unlocked by default, meaning the password would only be requested if the user has clicked on the padlock icon to prevent settings being changed. Apple later fixed the issue with a security update.

In order to reproduce the bug, a user can start by logging in as an admin. Our customers deserve better.

Apple has reportedly fixed the new bug in the beta version of macOS 10.13.3, its upcoming High Sierra update expected to release to the general public sometime this month, according to MacRumors.

Apple pledged to review its software development process in early December 2017, after a researcher discovered a bug that could give hackers total control of vulnerable machines.

Recommended

Zuma to set up commission to probe influence-peddling Zuma to set up commission to probe influence-peddling Similar sentiments were expressed by President Zuma during his announcement of the appointment of the inquiry. Last month the ANC's new head, Cyril Ramaphosa , vowed to wipe out corruption in the party's ranks.

Indian WhatsApp users sent 20 bn messages on New Year's Eve Indian WhatsApp users sent 20 bn messages on New Year's Eve Instagram is now testing a new system where you'll be able to upload your Instagram Story onto WhatsApp . Users get an option to share their Story to WhatsApp from the Instagram sharing screen.

Show Information for Dolly Parton's Stampede Pigeon Forge, TN Show Information for Dolly Parton's Stampede Pigeon Forge, TN In Branson and elsewhere, Dolly Parton's dinner show attractions are dropping the "Dixie" from their brand name. According to the press release, the production team is hard at work updating the existing shows for 2018.

Power cut pulls plug on massive gadget expo in Las Vegas Power cut pulls plug on massive gadget expo in Las Vegas Parts of South and Central Halls, where numerous exhibitors are set up to showcase their products, have been thrown into darkness. Many companies were forced to suspend their presentations and barred from conducting demos at the annual tech fair.

Retail Box leaks the specs of Samsung Galaxy S9 and S9 Plus Retail Box leaks the specs of Samsung Galaxy S9 and S9 Plus Of all the things, Samsung had to upgrade the camera since it has been using the same setup for two years in a row now. That's way, way overdue, since most high-end Android phone started including dual speakers over four years ago.

Inflation at 17-month high, rises to 5.21 pc in Dec, 2017 Inflation at 17-month high, rises to 5.21 pc in Dec, 2017 Avery Shenfeld, senior economist at CIBC World Markets, said that the US dollar could see some momentum Friday following CPI data. Core inflation, while not the Federal Reserve's preferred inflation measure is still well below the central bank's target of 2%.

GM just introduced a self-driving vehicle without a steering wheel GM just introduced a self-driving vehicle  without a steering wheel For the past several years, automakers and tech companies have been testing self-driving cars on the roads of California. GM sees the announcement Friday as a significant step toward the widespread adoption of self-driving vehicle technology.

FCA To Invest $1B Into Warren Plant, Create 2500 Jobs FCA To Invest $1B Into Warren Plant, Create 2500 Jobs The company's US -listed shares have surged 31 per cent already this year after nearly doubling in 2017. In all, FCA says its investment in heavy duty truck production will produce 2500 more jobs in the U.S.

All the Nintendo Direct Mini news and announcements All the Nintendo Direct Mini news and announcements Payday 2 will release in Europe and Australia on February 23rd, and in North America and South America on February 27th. In Find It mode, players have the same amount of time to locate balloons hidden by other players from around the world.

CND urges government to condemn Trump's nuclear weapons policy CND urges government to condemn Trump's nuclear weapons policy Their report warned: "The potential impacts of a cyberattack on nuclear weapons systems are enormous". This could "hijack decision-making with potentially devastating consequences ", it found.

Taylor Swift and Ed Sheeran join forces in new song End Game Taylor Swift and Ed Sheeran join forces in new song End Game Taylor rocked more outfits than she hit cities, showing all her looks from glamorous to the night life to wet hair in a bathrobe. She will begin her Reputation World Tour on May 8 at the University of Phoenix Stadium in Glendale, Arizona in the USA.

Ford recalling 190 Ranger pickups in Canada Ford recalling 190 Ranger pickups in Canada Each of the deaths came as the result of inflators manufactured on the same day and installed in 2006 Ranger pickups, Ford said. The latest recalls cover frontal air bags in certain 2009, 2010 and 2013 vehicles made, Jaguar-Land Rover, Mercedes-Benz, and.

Scientists Have Discovered Massive Ice Sheets on Mars Scientists Have Discovered Massive Ice Sheets on Mars Images of the erosional scarps reveal geologic features of the ice, such as banded patterns and color variations due to layering. Furthermore, some of these massive ice deposits were found to be more than 330 feet (100 meters) thick.

How Much Are Super Bowl Tickets? How Much Are Super Bowl Tickets? They will also be looking for revenge from past year because they should have won the 2017 Super Bowl. So why not cheer for Atlanta and maybe they get back to the Super Bowl and make good on a year ago ?

PUBG Has Now Surpassed 3 Million Players on Xbox One PUBG Has Now Surpassed 3 Million Players on Xbox One The game developers are planning to bring the game to all platforms, which meant that it will be coming to the PlayStation 4 . Microsoft announced yesterday that PlayerUnknown's Battlegrounds has now hit another milestone on Xbox One .