macOS High Sierra Update Contains Keychain Security Vulnerability That Reveals Passwords: Report

Apple's public release of the macOS High Sierra update for Mac owners has been tainted with a report by a security researcher that claims it has a serious vulnerability. Director of Research at security firm Synack and ex-NSA analyst Patrick Wardle on Monday said macOS High Sierra contains a major security flaw that can potentially allow hackers to steal user credentials from accounts stored in Keychain.

Wardle said the macOS High Sierra flaw can allow hackers to steal usernames and passwords from accounts stored in Keychain. He told Forbes that the unsigned apps on macOS High Sierra can access the information from Keychain and even show the plaintext usernames and passwords without the need of user's master password.

on High Sierra (unsigned) apps can programmatically dump & exfil keychain (w/ your plaintext passwords)🍎🙈😭 vid: https://t.co/36M2TcLUAn #smh pic.twitter.com/pqtpjZsSnq

— patrick wardle (@patrickwardle) September 25, 2017

Wardle has even shared a video where we can see the exploit in action, showing how a 'keychainStealer' app he created could expose user credentials. He tells ZDNet the exploit could be masked in a regular app or even be sent in an email. The researcher added that he had reported the bug to Apple in September, however the patch wasn't a part of the global release on Monday.

"As a passionate Mac user, I'm continually disappointed in the security of macOS," he told ZDNet. "I don't mean that to be taken personally by anybody at Apple - but every time I look at macOS the wrong way something falls over. I felt that users should be aware of the risks that are out there I'm sure sophisticated attackers have similar capabilities... Apple marketing has done a great job convincing people that macOS is secure, and I think that this is rather irresponsible and leads to issues where Mac users are overconfident and thus more vulnerable," he opined.

Apple in a statement to CNET, Apple had this to say about Wardle's claim:"MacOS is designed to be secure by default, and Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval. We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents."