macOS High Sierra Is Again Exposed To Security Bug
technology

Apple's macOS High Sierra Spotted With Another Security Bug

Users can access the App Store preference panel by entering any password

Apple\'s macOS High Sierra Spotted With Another Security Bug

Apple’s current version of macOS High Sierra again becomes the victim of security vulnerability. This time it's the App Store menu in the system preference spotted by the Macrumors on the Open Radar. The bug lets the user login to the App store preferences by entering any password with the username. This is the second time when the Apple’s operating system has been pointed for having system vulnerability in months.

In order to check the flaw, you need to have a Mac device with macOS High Sierra version 10.13.2, the latest public release accessed via the administrative account. Then  follow the below-given steps

  • Go to the System Preference

  • Click on the App Store

  • Now, click on the padlock icon to lock if isn't.

  • Click again on the padlock icon

  • Enter the Username and any Password

  • Click on the unlock

Once you hit the unlock tap the system will grant the access to the App Store preference, doesn't matter what password you have entered. With the access to an App Store settings panel, one can enable or disable the automatic downloads, installation of the app and the updates of the operating system. However the threat is not much severe security risk compared to the root login bug or Meltdown and Spectre flaw but still, it puts a question on Apple’s security login structures. In addition to this if someone has the access to your system they can even disable the automatic updates and can leverage the available vulnerabilities.

The bug won't work if you try to bypass the security login for App Store preference with any non-administrative account which means the more sensitive security aspects aren't exposed to the bug. Apple has already fixed the bug in the latest beta version of macOS High Sierra 10.13.13 and the bug isn't available in macOS Sierra version 10.12.6 or earlier. On the macOS High Sierra, the App Store settings are unlocked by default, but some of the users with more security concern could have locked it.

Although the bug isn't as serious as the root login, Apple is still working to fix the bug sooner than later. In that case, we may expect the release of macOS High Sierra 10.13.3 much sooner. In the meantime, Apple also needs to make sure that its security aspects are free from any possible vulnerabilities and don't need to push embarrassing fixes.

MAD Team
Written By

MobileAppDaily host a team of experienced technical writers, industry wizards, and app experts who have an exact knack of content that caters to the needs of the mobile app targeted audience. We strive to bring you the best of tech!

Top Companies

InMobi
Singapore
Dot Com Infoway
New York, USA
M&C Saatchi Mobile
New York City, USA
Techmagnate
New Delhi, India
Fetch
London, UK
View full report

Latest Articles

Join our global community 135K Followers
technology

Ex - Google Employee Files Lawsuit After Getting Fired For Posting Diversity Memes

MAD Team 4 min read  

Google is again in the news for firing an employee who shared racism and discrimination based posts internally. Tim Chevalier, a former Google employee who is a software developer and used to work as a site-reliability engineer filed a lawsuit against the company. According to the submitted document

technology

Google Lenses Coming Soon To All Pixel Devices Under The Assistant App

MAD Team 4 min read  

As promised at the I/O conference of 2017 Google is ready to bring its Artificial Intelligence equipped Google lens to the company’s flagship smartphones. The search giant announced in a blog post that the smart Google Lens will come as a part of the Google Assistant in the coming weeks. The G

technology

Google Play Store is Upgraded to 7.8 Version With The Addition of Some New Features Few Tweaks

MAD Team 4 min read  

As mobile app technology enhancing day by day new features and functionality added to the app world. As million of apps are available for the user, app store makes sure it provide the substantial options with the best interface to users. From Apple’s Appstore to Google Play store continuously

technology

Shield Your Sender Reputation With Email Verifier ZeroBounce

MAD Team 4 min read  

Are you promoting a product and need to send an email blast to your target customers? Email verifier ZeroBounce is a tool that can help you achieve the best outcome. You must have noticed that many times, your promotional emails are ending in customers’ spam folder, and the worst part is, you