It was just the other day that Apple released the macOS High Sierra update, which introduced a bunch of new features to the macOS platform. One of those features is an automated weekly check of your Mac’s firmware that is meant to determine if your firmware is “good” as per Apple’s definition.
However, it seems that despite Apple introducing new safety and security measures, a rather nasty bug has somehow managed to slip past Apple’s radar. According to a report from Forbes, a bug within macOS High Sierra has been discovered that could potentially reveal the user’s passwords, no thanks to a keychain security vulnerability discovered by ex-NSA analyst Patrick Wardle.
The passwords stored within the keychain can normally only be obtained by unlocking it with a master password. However, Wardle discovered that the bug allowed hackers to run malicious code on a Mac to steal passwords from the keychain without it, which he demonstrates in the video above.
Speaking to Forbes, Wardle was quoted as saying, “Without root privileges, if the user is logged in, I can dump and exfiltrate the keychain, including plaintext passwords. Normally you are not supposed to be able to do that programmatically.” The full exploit isn’t revealed (naturally), and he expects that Apple should patch the vulnerability soon enough.