Zero-Day Exploit Revealed Hours Before Official MacOS High Sierra Launch

Apple’s macOS High Sierra was scheduled for release on 25th September and promised new core technologies, VR support, and refined apps. But just hours before the OS was due to launch, Patrick Wardle, an Apple security researcher and former NSA hacker, demonstrated a zero-day exploit against the upcoming OS. Quite a bummer, because Apple will now have to release a patch, although it has not said when that will be possible.

What is a Zero-day Exploit

For those unfamiliar with the term, a zero-day exploit is a flaw, an ‘unknown exploit in the wild that exposes a vulnerability in software or hardware.’ Zero-day attacks happen when attackers know about the flaw and release malware before developers can release a patch to fix the vulnerability. Software and hardware are vulnerable by default: there is almost always some workaround or weak point that can be cracked, and it can take months, in some cases years, before the vulnerability is exploited in an attack.

What We Know About the Hack

Wardle tweeted a video showing the exploit in action: an application downloaded onto the user’s laptop causes the user’s stored passwords in the Keychain (Apple’s password manager) to be exposed in cleartext.

Mac users usually store passwords and account information in the Keychain, which acts as a local password and identity manager. Although the information in the Keychain is encrypted and cannot normally be accessed by third-party apps, this particular exploit would allow an attacker to grab and steal stored passwords in plain text. All it takes is an unsigned app downloaded from the internet, which dumps the contents of the Keychain file in cleartext.

Although Wardle tested the exploit on High Sierra, he is unsure whether older versions of macOS and OS X are also affected. Once exploited, the vulnerability can give a hacker all the information they need to access a user’s accounts, including websites, bank accounts, credit card numbers and any other information stored on the system. Wardle also warns that the unknown exploit could be downloaded inside a legitimate-looking app or could even arrive in an email, which means an attacker can get onto a Mac system and use the keychain dump plugin to extract data from the Keychain.

Wardle has been vocal about the issue, criticizing Apple for convincing people that macOS is secure when in fact this is the second zero-day he has found in the operating system in a single month. He also suggests that Apple launch a bug bounty program for the Mac, which it surprisingly has not done yet even though it has programs for the iPhone and iPad.

Apple’s Statement

Responding to news of the exploit, Apple gave CNET a statement saying, “MacOS is designed to be secure by default, and Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval. We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents.”

Why You Don’t Have to Worry

Unless you’re an avid torrent downloader or someone who frequently installs software from illegal, insecure websites, you don’t have to worry. Exploits like this require the user to actually download something onto their system in order to work. So avoid those software torrents and stay away from phishing and suspicious emails. At the end of the day, a user is responsible for the safe and effective use of a device, because however secure a system aims to be, its security still depends on the user’s actions.
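Apple’s statement above leans on two things: Gatekeeper being switched on, and the user not overriding its warning about an unsigned app. As an added example (not from the article, from Wardle, or from Apple), the POSIX shell script below turns those two points into a check a cautious Mac user or admin can run before launching a downloaded bundle: it reads Gatekeeper’s status with Apple’s `spctl` tool, asks `spctl` for its launch verdict on the bundle, and then verifies the bundle’s code signature with `codesign`. The helper names and the sample app path are assumptions for this example; the `spctl` and `codesign` commands and flags are Apple’s.

```shell
#!/bin/sh
# Added example, not code from the article: check that Gatekeeper is enabled
# and that an app bundle is signed and accepted before it is launched.
# Helper names and the sample path are assumptions for this example.

# Classify the text printed by `spctl --status`, which is
# "assessments enabled" or "assessments disabled" on a real Mac.
gatekeeper_state() {
  case "$1" in
    *"assessments enabled"*)  echo "enabled" ;;
    *"assessments disabled"*) echo "disabled" ;;
    *)                        echo "unknown" ;;
  esac
}

# Succeed (exit 0) only when the status text says Gatekeeper is enabled.
gatekeeper_ok() {
  [ "$(gatekeeper_state "$1")" = "enabled" ]
}

# Assess one app bundle. Exit status: 0 = signed and accepted by Gatekeeper,
# 1 = rejected or unsigned, 2 = check could not run (not macOS, or Gatekeeper off).
check_app() {
  app="$1"
  if ! command -v spctl >/dev/null 2>&1 || ! command -v codesign >/dev/null 2>&1; then
    echo "spctl/codesign not found; this check only runs on macOS" >&2
    return 2
  fi
  status_text=$(spctl --status 2>&1)
  if ! gatekeeper_ok "$status_text"; then
    echo "Gatekeeper is not enabled ($status_text); enable it before trusting any download" >&2
    return 2
  fi
  # Gatekeeper's own verdict on whether this bundle may be launched.
  if ! spctl --assess --type execute -v "$app"; then
    echo "REJECTED by Gatekeeper (unsigned or untrusted): $app" >&2
    return 1
  fi
  # Independent, strict verification of the bundle's code signature.
  if ! codesign --verify --deep --strict "$app"; then
    echo "Code signature missing or invalid: $app" >&2
    return 1
  fi
  echo "OK: $app is signed and accepted by Gatekeeper"
  return 0
}

# Usage with an assumed sample path: sh gatecheck.sh /Applications/Example.app
if [ -n "$1" ]; then
  check_app "$1"
fi
```

An app that this script reports as rejected or unsigned is exactly the kind of download the article warns about; the right response is to stop there rather than click through the Gatekeeper dialog.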

Farah tries to keep up with the fast-paced tech world by writing about it. She covers the latest tech news and writes informative pieces to help her readers make informed decisions about their tech preferences.