HACKER REVEALS MAJOR SECURITY BREACH INTO MAC USER ACCOUNTS!!!! ATTENTION ALL MAC USERS!!!!!!

in #security7 years ago (edited)
Just hours after Apple released their update for the OS X, a hacker has found a major security breach that allows anyone to steal all of your passwords and codes and Apple has not fixed the issue!!! Remove all of your devices from the internet until this is fixed!!!

Passwords are all stored in the keychains and they can steal it all!!!! OMG!!!

Apparently the older versions of the OS are vulnerable to this. I personally don't know what to do besides taking off all of my devices from online.

Sort:  

Wow, this is ridiculous. I feel like they are intentionally making the system vulnerable. How could they miss a bug this obvious?

This bug seems to present in macOS High Sierra 10.13.1 – the current version – as well as in the macOS 10.13.2 beta, but does not affect older versions of macOS, like Sierra or El Capitan.

Yeah, seems to just be the current version according to tech crunch.

Thanks a bunch for sharing this urgent issue with all of us, I'm going to change all the passwords right now and won,t keep anything into the keychain until it is resolved... What a pain!

Namaste :)

Don't just change passwords - as @kslo said in another comment below, change your root password! If you're not comfortable with that, then at least disconnect your device from the internet. Don't get me wrong - there's only a small chance that you'll be targeted. Just keep in mind that your device's contents are susceptible. This includes saved passwords, even if they aren't in the keychain.

I just dealt with it, DONE!

Definitely! Y’all are family!

OMG! I hate them!

Yeah!! WTF!!! OMG!!!!!! I am freaking out!!!

Everyone is bitchin about macs........ So how many times has windows been attacked????? Millions? Mac count on one hand. It is however getting more prevelant because more people are using macs. It has never been profitable for hackers to attack a mac when only 3% of computer users used mac. But this is different. This is an oversight by the apple team. The need to fix it and fix it now. They are still By far the best computer on the market..... Argue with me on that the next time you want to use your pc and windows decided its time to update, or try and shut it
off without going through a tons of procedures, and then there is the startup that takes a half hour just to get to where you can start answering all the update questions......macs are just a better computer

So there's a pretty simple fix for this. All you have to do is change the password for the root account. If you open the "terminal" app and type:

sudo passwd root

This will ask you for a new password for the root account. But don't forget this password or you may have problems in the future.

Mine has a Key 🔑 and I can’t type anything...

@naiahyoung Apple just released a patch for this issue. You can find it here. I advise everyone to install the security update as soon as possible. Click on App Store > Updates and install all updates.

Thanks so much!!!

So that is just the terminal applications way of masking your password. When you type sudo passwd root you are first asked for your standard user password. You will not see any anything being typed into the terminal window, but when you hit enter you should be prompted to type a new password for the root account.

I just posted a blog article here with instructions and screenshots to setting a new root password. Let me know if this works for you!

How can this big company make a mistake like this? This type of vulnerability is very old, how can apple customers trust their data like this?

To be more specific, this impacts Macs running the latest version of High Sierra — 10.13.1 (17B48).

Here's an article on TechCrunch with some more info, including a temporary solution from Apple: https://techcrunch.com/2017/11/28/astonishing-os-x-bug-lets-anyone-log-into-a-high-sierra-machine/

TLDR; DON'T LEAVE YOUR MAC UNATTENDED UNTIL THIS IS FIXED.

OMG ! I was going to sleep when I saw your post !!!! So stress !!! THANK YOU ! Will have a look at it !!!!!!

Omg I know I’m sorry but I just had to let all you know...