And I think that this is rather irresponsible and leads to issues where Mac users are overconfident and thus more vulnerable," Wardle said. "Apple marketing has done a great job convincing people that macOS is secure. "So, as far as I know, they are working on a patch."
"I responsibly disclosed the bug to Apple - along with exploit code, and very detailed writeup," Wardle told Bleeping. Wardle says the zero-day he discovered can be used by malware or other malicious apps to dump passwords from the Keychain, which later can be exfiltrated to a remote server and used by the hackers. The exploit also doesn't require root access. it's not a remote attack) can access and dump the user's Keychain ," Wardle added. "I haven't tested it with apps from the App Store, but any other code on the box (i.e. "It's macOS only (not iOS), but I believe it affects all recent versions of the OS." "The exploit works by exploiting an implementation flaw in the OS," Wardle told Bleeping Computer in a private conversation. Attackers can use zero-day to steal users' Keychain passwords All information stored in the Keychain app is encrypted by default, preventing other users or third-party apps from accessing this data without permission. Keychain is a macOS application that stores passwords and account information, working similar to a local password and identity manager. The video, embedded below, shows an application downloaded on the user's workstation exploiting an unknown flaw to dump the content of the user's Keychain file in cleartext. Hours before Apple was supposed to launch its new macOS version - codenamed High Sierra (10.13) - Patrick Wardle, a well-known Apple security researcher, former NSA hacker, and Chief Security Researcher at Synack, published a video demonstrating a zero-day exploit in the company's upcoming OS.
0 kommentar(er)
