Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
SystemThe newly released macOS has detected a serious security vulnerability
Newly released to the public today as Apple's latest MacOS High Sierra operating system has an important security hole, allowing hackers to access Plainted Keychain Data.
Newly released to the public today as Apple's latest MacOS High Sierra operating system has an important security hole, allowing hackers to access Plainted Keychain Data.
Unregistered applications on macOS High Sierra (and possibly the previous version of macOS) can steal usernames and account passwords stored on Keychain.
Security researcher and former NSA analyst Patrick Wardle talked about this vulnerability and shared a video of how to exploit it.
In order for this vulnerability to work, users need to download third-party malicious code from an unknown source, Apple often discourages users from downloading applications from untrusted developers or from outside the Mac App Store. . Apple does not even allow downloading from untrusted developers without overwriting security settings.
In the video illustrated, Wardle creates a POC application called keychainStealer that can access the plaintext passwords of Twitter, Facebook and Bank of America stored on Keychain.
An attacker can steal data on Plaintext Keychain
Wardle told Forbes about the vulnerability and said it was not too difficult to run malicious code on the Mac even with Apple's protection. Wardle does not provide the entire exploit code, but he also believes Apple will fix the vulnerability in the next update.
Apple has not responded when asked about this vulnerability.
- Apple expanded the size of the security bug detection program to receive bonuses, including macOS, a maximum bonus of $ 1 million
- Protect yourself against IE security holes
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonus
- The researcher released code that exploits the iOS Kernel vulnerability
- Apple released macOS unlocking patch, with apology
- Vulnerability on macOS helps hackers easily overcome security barriers
- PortSmash - New vulnerability on multi-threaded CPU
- NVIDIA Jetson chipset contains a series of security holes that allow data theft, DDoS attacks
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- How to test 32-bit applications will stop working on the Mac after the High Sierra operating system
- How to downgrade macOS High Sierra Beta to macOS Sierra
- 25% of the 1.9 billion passwords and usernames bought on the black market are Google accounts
- Many major vulnerabilities found in Kaspersky Antivirus for Linux servers, download the patch here
- Super fast 'meat-eating' computer viruses
- The new Specter vulnerability appears to be a new variant that easily 'crashes' secure partitions created by Intel SGX
- Detecting vulnerabilities in the QR code reader tool of iOS 11 may trick users into accessing malicious websites
-
How to enable ECG feature on Apple Watch - How to icloud activation unlock using UltFone Activation Unlocker tool
- How to use Apple Maps right in the browser
- Download iOS 13, iPadOS and Mac Catalina wallpapers
- How to free up storage on Apple Watch
- Instructions for creating Chinese Apple ID accounts on iPhone
How to enable ECG feature on Apple Watch 
How to icloud activation unlock using UltFone Activation Unlocker tool 
How to use Apple Maps right in the browser 
How to free up storage on Apple Watch 
Instructions for creating Chinese Apple ID accounts on iPhone 
Technology story
Technology comments
Quiz technology
New technology
British talent technology
Attack the network
Artificial intelligence
Mac OS X
Hardware
Game