macOS High Sierra Is Again Exposed To Security Bug
Apple

Apple's macOS High Sierra Spotted With Another Security Bug

Users can access the App Store preference panel by entering any password

https://dk2dyle8k4h9a.cloudfront.net/Apple\'s macOS High Sierra Spotted With Another Security Bug

Top Companies

01.
InMobi
Singapore
02.
Dot Com Infoway
New York, USA
03.
M&C Saatchi Mobile
New York City, USA
04.
Techmagnate
New Delhi, India
05.
Fetch
London, UK
View full report
Updated On
January 11, 2018 07:15 PM
4 min read

Latest Articles

Apple’s current version of macOS High Sierra again becomes the victim of security vulnerability. This time it's the App Store menu in the system preference spotted by the Macrumors on the Open Radar. The bug lets the user login to the App store preferences by entering any password with the username. This is the second time when the Apple’s operating system has been pointed for having system vulnerability in months.

In order to check the flaw, you need to have a Mac device with macOS High Sierra version 10.13.2, the latest public release accessed via the administrative account. Then  follow the below-given steps

  • Go to the System Preference

  • Click on the App Store

  • Now, click on the padlock icon to lock if isn't.

  • Click again on the padlock icon

  • Enter the Username and any Password

  • Click on the unlock

Once you hit the unlock tap the system will grant the access to the App Store preference, doesn't matter what password you have entered. With the access to an App Store settings panel, one can enable or disable the automatic downloads, installation of the app and the updates of the operating system. However the threat is not much severe security risk compared to the root login bug or Meltdown and Spectre flaw but still, it puts a question on Apple’s security login structures. In addition to this if someone has the access to your system they can even disable the automatic updates and can leverage the available vulnerabilities.

The bug won't work if you try to bypass the security login for App Store preference with any non-administrative account which means the more sensitive security aspects aren't exposed to the bug. Apple has already fixed the bug in the latest beta version of macOS High Sierra 10.13.13 and the bug isn't available in macOS Sierra version 10.12.6 or earlier. On the macOS High Sierra, the App Store settings are unlocked by default, but some of the users with more security concern could have locked it.

Although the bug isn't as serious as the root login, Apple is still working to fix the bug sooner than later. In that case, we may expect the release of macOS High Sierra 10.13.3 much sooner. In the meantime, Apple also needs to make sure that its security aspects are free from any possible vulnerabilities and don't need to push embarrassing fixes.

Akash Singh Chauhan
Written By
Akash Singh Chauhan

Akash Singh Chauhan is a senior writer at MobileAppDaily and he mainly covers all the latest happenings and tweaks in mobile app technology. Being an Engineering graduate he is always compelled to the technology and tries to discover new trends in the tech world. Along with any tech news he also never misses a single episode of ‘Dragon Ball’.

Apple

Know if Your App is Ready for the new iPhone X?

Joshua Anderson 4 min read  

The latest iPhone X is trending as the “need of the hour” and almost all apps need a revamp to keep up with the trending technology. In Apple’s defence, it did remind developers to update their apps, prior to the launch of iPhone X. While many have challenged its infamous Face ID t

Apple

iOS 11 Will Automatically Delete The Apps To Maintain Storage

Eric Jones 4 min read  

Apple at WWDC event revealing all the world they have done since the last meeting to enhance the platform and make it flawless. Another handy feature is embedded by the company in the iOS 11 which helps the user in storage issues. The phone storage is always been an annoying point for the users, esp

Apple

Know All About A Leak Revealing Apple's New Design Concept

Neha Baluni 4 min read  

Apple has started the warm-up for WWDC 2018 and there is a sudden reveal on iOS 12 for the public. The leak suggests the production of some parts needed for 2018’s iPhone handset launch is underway. As per the official news, “Apple Inc. manufacturing partner Taiwan Semiconductor Manufact

Apple

iPhone Users - Don't waste Your Time by Force Quitting The Apps Unnecessarily

Joshua Anderson 4 min read  

We all are tech addicted now and gadgets have become an integral part of our life. While using tech devices we have our own tips and tricks in order to make it more productive. The Same way most of the iPhone users directly kill the app in the background with the intention to save battery and RAM. H