Apple has launched macOS High Sierra, the latest version of its computer operating system, but alongside it comes a discovery that places all Mac users at risk.
The issue was revealed by a security researcher just hours before macOS High Sierra launched. What will Apple do about it, and what should users do to protect themselves?
Security Researcher Reveals macOS High Sierra Zero-Day Exploit
Patrick Wardle, a former hacker for the NSA and now the chief security researcher for Synack, uploaded a video showcasing the code he wrote that is capable of stealing the passwords of Mac users.
The passwords of macOS devices are stored in the Keychain app, which requires users to input a master login password so that they can access its contents. However, the code created by Wardle that exploits the vulnerability allows a hacker to steal passwords stored in Keychain through an unsigned app that can be downloaded from the internet. The hacker does not need to figure out the master password, and even worse is the fact that the passwords stored in Keychain can be stolen in plain-text form.
Wardle's keychainStealer app revealed that the vulnerability places not just passwords to log into the Mac computer at risk, but also passwords to websites and online services, as well as credit card information. The exploit can be integrated into an app that looks legitimate, or sent to victims through email.
What Can Mac Owners Do To Protect Themselves?
The vulnerability exposed by Wardle is likely the second stage of an attack, following up on an initial hack to run rogue code on a Mac device. However, according to the former NSA hacker, that is not hard to do these days. Wardle even suggested that Apple create a macOS bug bounty program, as its program that rewards hackers for finding vulnerabilities is only open for iPhones and iPads.
Wardle informed Apple earlier this month, but the patch to fix the exploit was not finished in time to be included in the macOS High Sierra launch. The vulnerability is not limited to the latest version of the operating system, as Wardle also found it in older macOS and OS X versions, so holding off on upgrading to macOS High Sierra will not prevent users from being exposed to the exploit.
While waiting for the patch that will eliminate the exploit, Mac users will need to remain vigilant against suspicious apps. Users should only download and install software from trusted sources, and should not be overconfident that macOS is too secure to be compromised by hackers.