Even before the macOS High Sierra To be made available to the general public on the App Store, a former NSA employee posted on Twitter a proof of concept of a vulnerability in credential access by the system.
Through the flaw, it is possible for Apple-issued digitally unsigned applications to obtain plain text user logins and passwords without the need to decrypt the content by password.
The video above shows the example code created by Patrick Wardle to present the vulnerability. Currently, Macs cannot run compiled applications without an Apple-generated digital signature by default (you can change this behavior in System Preferences), but there is a possibility that the problem may exist in earlier versions of macOS.
On a note CNET Apple reiterated that users can count on Gatekeeper In order to prevent malicious applications based on this proof of concept, however, it has not given a predictor of when this problem will definitely be fixed.
· ? ·
However, this is not the only problem involving password leakage risk encountered in the High Sierra. Our reader Matheus Mariano sent us a video exemplifying as a bug in Disk Utility (Disk Utility) can expose passwords used to encrypt APFS parties at system installation.
According to Matheus, when creating a new encrypted APFS partition and installing High Sierra on it, the password used to protect it is written as plain text and can be viewed outside as a password hint. This issue has been reported during the trial versions of the operating system, but apparently has not been fixed.
Two years ago, we talked about a firmware vulnerability in computers with Thunderbolt ports (including PCs), which also opened EFI for Macs and MacBooks for a full replacement of their factory firmware with another one. An attack at this level (which became known as Thunderstrike) would be able to withstand system formations, making vulnerable computers permanently compromised.
Since then, Apple has been able to produce a patch on newer machines by integrating its distribution by upgrading macOS to older equipment. However, researchers from Duo Security were able to pick up a sample of over 70,000 Macs, which did not receive the latest version of EFI distributed by their manufacturer.
In some cases the discrepancies are absurd. For example, of all 21.5-inch iMacs released at the end of 2015 that were reviewed, 43% did not receive the vulnerability fixes Thunderstrike. In addition, they identified 16 combinations of hardware and operating systems, which did not receive patches between EFI versions 10.10 and 10.12.6.
Apple also issued a note to several news agencies on the topic, saying it is aware of the survey and working to correct firmware issues affecting Macs. As part of the initiatives, is a new firmware validation tool, already found in operation in High Sierra.
via Forbes, 9to5Mac