RV_ Posted September 25, 2017 Report Share Posted September 25, 2017 The vulnerability lets an attacker steal the contents of a Keychain — without needing a password. Excerpt: "Just hours before Apple is expected to roll out the new version of its desktop and notebook operating system, macOS High Sierra, a security researcher dropped a zero-day. Patrick Wardle, a former NSA hacker who now serves as chief security researcher at Synack, posted a video of the hack -- a password exfiltration exploit -- in action. Passwords are stored in the Mac's Keychain, which typically requires a master login password to access the vault. But Wardle has shown that the vulnerability allows an attacker to grab and steal every password in plain-text using an unsigned app downloaded from the internet, without needing that password. He tweeted a short video demonstrating the hack." The article and much more is here: http://www.zdnet.com/article/apple-macos-high-sierra-password-vulnerable-to-password-stealing-hack/?loc=newsletter_large_thumb_related&ftag=TREc64629f&bhid=19724681974700635514865380622813 RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
Pieere Posted September 26, 2017 Report Share Posted September 26, 2017 I believe I don't have nothing to worry about being a 2009 and has the OS Lion 10.7.5! Living Life One Day At A Time! Link to comment Share on other sites More sharing options...
TheDuke Posted September 27, 2017 Report Share Posted September 27, 2017 Bet Apple doesn't do anything press wise about this. They won't acknowledge it or tell when it is fixed. Link to comment Share on other sites More sharing options...
Barbaraok Posted September 27, 2017 Report Share Posted September 27, 2017 They will release an upgrade with security patches at some point. And it will be soon after all the other problems with High Sierra are identified and 'fixed'', which is why I never upgrade to a new system during the first few weeks after release. Pieere, as I read the press release it said older operating systems that are Mac X series could also vulnerable. Barb Barb & Dave O'Keeffe 2002 Alpine 36 MDDS (Figment II), 2018 Ford C-Max HYBRID Blog: http://www.barbanddave.net SPK# 90761 FMCA #F337834 Link to comment Share on other sites More sharing options...
RV_ Posted September 27, 2017 Author Report Share Posted September 27, 2017 Apple tried to reassure their customers saying Gatekeeper prevents it and that is erroneous. If you own an Apple Machine I would do as Barb Suggests and wait until all the fallout is over. For today's new about Apple's answer that gatekeeper prevents it the answer is no. If you own an Apple read this and pass it on to any other friends using Apple: https://threatpost.com/gatekeeper-alone-wont-mitigate-apple-keychain-attack/128172/?utm_source=newsletter&utm_medium=Email&utm_campaign=tp daily digest RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
Pieere Posted September 28, 2017 Report Share Posted September 28, 2017 If the hackers ever steal my Identity they will ruin their credit too!! LOL! Go ahead and make YOUR DAY, hackers! Living Life One Day At A Time! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.