How to protect your Mac from the "App Store password" bug
Shortly after the discovery of the “root” bug plaguing Macs worldwide, Apple is faced with another embarrassing flaw in the newest version of its macOS. And it”s yet another password-centric vulnerability.
A recent post on Open Radar reveals that the App Store preferences pane in System Preferences can be unlocked by a local admin with a bogus password â€“ or, as our own tests revealed, no password whatsoever.
The steps to reproduce the bug are:
1) Log in as a local admin
2) Open the App Store preferences pane from the System Preferences
3) Lock the padlock if it is already unlocked
4) Click the lock to unlock it
5) Enter any bogus password (or leave the password field blank)
6) Hit Return / Enter
If these steps reproduce the bug on your Mac, you are affected.
The flaw is not terribly dangerous, but it”s not entirely harmless either. Anyone with physical access to the machine can alter the settings to control how that Mac downloads and handles third-party software. A bad actor could (theoretically) use this bug to make it easy to deploy malware onto the unsuspecting victim”s computer at a later time.
Mac users running macOS High Sierra 10.13.3 beta are reportedly unable to reproduce the bug, indicating that either Apple is aware of the flaw, or something new in the beta inadvertently “breaks” the bug. So, what can you do until Apple releases the fix? Not much except tighten the existing security settings on your Mac.
You can leverage the “hot corners” feature to quickly enable a screensaver whenever you get up from your desk. Go to System Preferences -> Desktop & Screen Saver and look for the Hot Corners button in the bottom right-hand corner of the window.
Then, you should set your Mac to ask for a password immediately after the screensaver kicks in. To do this, visit the Security & Privacy module under System Preferences.
Finally, look out for Apple”s 10.13.3 update and install it the moment it becomes available.
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices
August 27, 2021
Your Netflix Account May Be on Sale on Darkweb. Protect It
August 13, 2021
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
FOLLOW US ON
You might also like
September 20, 2021
September 20, 2021
September 17, 2021