Pierluigi Paganini
October 06, 2017
Apple yesterday released a security patch for macOS High Sierra 10.13 to fix vulnerabilities in the Apple file system (APFS) volumes and Keychain software.
The vulnerability in the Apple file system was first reported by Matheus Mariano, a developer at Leet Tech, and later confirmed also by the programmer Felix Schwartz.
Tried myself & it's true: #HighSierra shows the #APFS volume password as hint. Persists reboots, not stored in keychain. Wow. Just wow. pic.twitter.com/FkcHI9KHl9
— Felix Schwarz (@felix_schwarz) October 5, 2017
The vulnerability in the Apple file system tracked as CVE-2017-7149 could be exploited by a local attacker to gain access to an encrypted APFS volume.
“If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint. This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints.” reads the description provided by Apple on its support website.
When users create an encrypted APFS volume on a Mac with an SSD using Apple’s Disk Utility app and set up a password hint, invoking the password hint mechanism while remounting the volume will display the current password in plaintext.
Here’s a video demonstrating the programming cockup:
Many developers questioned the quality of macOS High Sierra 10.13 released at the end of September.
Legitimately wondering of Apple accidentally shipped a pre-release version of High Sierra. So much of it is unfinished and unpolished.
— Brian Lopez (@brianmario) September 27, 2017
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Apple file system, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
