Apple updated the password revealing patch from the Disk Utility function

Apple has just released an emergency update for macOS High Sierra to fix errors that expose passwords that are encrypted in APFS format via password hint feature.

Apple has just released an emergency update for macOS High Sierra to fix errors that expose passwords that are encrypted in APFS format via password hint feature.

The new bug was discovered by Leet Tech security researcher Matheus Mariano and posted the video below.

This problem only appears on macOS High Sierra when the user adds an encrypted APFS file. Then, the user is asked to enter the password before accessing the data and when entering the hint button, the full password will be displayed instead of just the suggested password.

Picture 1 of Apple updated the password revealing patch from the Disk Utility function

The full password will appear instead of the suggested password

Only Mac SSD drives and APFS formats are affected

The error only occurs when the user fills in the suggested password. If not, it will be fine. This issue also affects only SSD drives, where new APFS file systems are supported.

Apple released additional updates

Compared to other times of error reporting, this time Apple acted quickly to fix. Users are advised to update or at least delete the suggested password.

In addition, Apple also offers support pages with step by step instructions for backing up, deleting and restoring encrypted APFS files after OS updates.https://support.apple.com/en-us/HT208168

Similar updates also patched the zero-day vulnerability in the Keychain application, causing the plaintext password to be exposed. This vulnerability was discovered by researcher Patrick Wardle.

see more
The newly released macOS has detected a serious security vulnerability

Update 23 May 2019
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile