macOS High Sierra Is Again Exposed To Security Bug
technology

Apple's macOS High Sierra Spotted With Another Security Bug

Users can access the App Store preference panel by entering any password

https://dk2dyle8k4h9a.cloudfront.net/Apple\'s macOS High Sierra Spotted With Another Security Bug

Apple’s current version of macOS High Sierra again becomes the victim of security vulnerability. This time it's the App Store menu in the system preference spotted by the Macrumors on the Open Radar. The bug lets the user login to the App store preferences by entering any password with the username. This is the second time when the Apple’s operating system has been pointed for having system vulnerability in months.

In order to check the flaw, you need to have a Mac device with macOS High Sierra version 10.13.2, the latest public release accessed via the administrative account. Then  follow the below-given steps

  • Go to the System Preference

  • Click on the App Store

  • Now, click on the padlock icon to lock if isn't.

  • Click again on the padlock icon

  • Enter the Username and any Password

  • Click on the unlock

Once you hit the unlock tap the system will grant the access to the App Store preference, doesn't matter what password you have entered. With the access to an App Store settings panel, one can enable or disable the automatic downloads, installation of the app and the updates of the operating system. However the threat is not much severe security risk compared to the root login bug or Meltdown and Spectre flaw but still, it puts a question on Apple’s security login structures. In addition to this if someone has the access to your system they can even disable the automatic updates and can leverage the available vulnerabilities.

The bug won't work if you try to bypass the security login for App Store preference with any non-administrative account which means the more sensitive security aspects aren't exposed to the bug. Apple has already fixed the bug in the latest beta version of macOS High Sierra 10.13.13 and the bug isn't available in macOS Sierra version 10.12.6 or earlier. On the macOS High Sierra, the App Store settings are unlocked by default, but some of the users with more security concern could have locked it.

Although the bug isn't as serious as the root login, Apple is still working to fix the bug sooner than later. In that case, we may expect the release of macOS High Sierra 10.13.3 much sooner. In the meantime, Apple also needs to make sure that its security aspects are free from any possible vulnerabilities and don't need to push embarrassing fixes.

Akash Singh Chauhan
Written By Akash Singh Chauhan

Akash Singh Chauhan is a senior writer at MobileAppDaily and he mainly covers all the latest happenings and tweaks in mobile app technology. Being an Engineering graduate he is always compelled to the technology and tries to discover new trends in the tech world. Along with any tech news he also never misses a single episode of ‘Dragon Ball’.

Top Companies

InMobi
Singapore
Dot Com Infoway
New York, USA
M&C Saatchi Mobile
New York City, USA
Techmagnate
New Delhi, India
Fetch
London, UK
View full report

Latest Articles

Join our global community 135K Followers
technology

Xiaomi Redmi S2 Posters Leaked, 10th May Launch Is Confirmed

Vikram Khajuria 4 min read  

Xiaomi has officially announced the launch date of Redmi S2 smartphone that will be coming to China first. The smartphone release date has been scheduled for 10th May by the company in its recently shared posters. Xiaomi has shared few posters revealing the Redmi S2 and some of its features. In the

technology

All About Apple's Big Event in 7 Videos

Eric Jones 4 min read  

Finally, the company announces its all awaited products including the iPhone X on Tuesday.Apple launched many new products in its various lineups which include, Apple Watch Series 3, a new 4K Apple TV, the iPhone 8 and iPhone 8 Plus and the most hyped iPhone X.{IRP}For the event, the com

technology

How AR and VR Will Reinvent The Food Industry

Meenal Vashistha 4 min read  

Augmented Reality and Virtual Reality are probably like the new band on the block that everyone either wants to make money off or enjoy their gift; in this case, their services. But who would've thought that Virtual and Augmented Reality would swoon our taste buds too? Although the cost of devel

technology

Google News To Get A Revamped Version With AMP And Videos

Vikram Khajuria 4 min read  

Google is planning to revamp the News app by adding few new tweaks and more features to it. The tech giant is integrating the YouTube news and taking help from the Play Newsstand app to the give Google News a refreshed look. According to the latest news, the company is also working with the other pu