The current version of macOS High Sierra has a bug, which could allow anyone to unlock the App Store preference pane by typing any password, though not as serious as the infamous root login bug that earlier hit macOS password prompts.

While the App Store settings are unlocked for administrators by default, there are little chances that locked down system settings are at risk, however if someone got access they could disable automatic security updates to take advantage of known vulnerabilities.



Apple, already has issued a fix for the bug in the latest version of macOS 10.13.3, which is currently still in beta and may likely be released this month.

For now, keep your App Store preferences locked down, and ensure that you log out as administrator when you are away, alternatively, you should use a standard account rather than the administrator login.

And about the recurring macOS password vulnerability, Apple had apologized in a statement, and confirmed that it was "auditing its development processes" to help prevent this mishap from happening again.

Albeit, the vulnerability doesn't affect macOS Sierra or any other previous version of the operating system.

Beware: Apple's macOS High Sierra password prompt bug is real

The current version of macOS High Sierra has a bug, which could allow anyone to unlock the App Store preference pane by typing any password, though not as serious as the infamous root login bug that earlier hit macOS password prompts.

While the App Store settings are unlocked for administrators by default, there are little chances that locked down system settings are at risk, however if someone got access they could disable automatic security updates to take advantage of known vulnerabilities.



Apple, already has issued a fix for the bug in the latest version of macOS 10.13.3, which is currently still in beta and may likely be released this month.

For now, keep your App Store preferences locked down, and ensure that you log out as administrator when you are away, alternatively, you should use a standard account rather than the administrator login.

And about the recurring macOS password vulnerability, Apple had apologized in a statement, and confirmed that it was "auditing its development processes" to help prevent this mishap from happening again.

Albeit, the vulnerability doesn't affect macOS Sierra or any other previous version of the operating system.

No comments