Aldshota Zero Mac OS
Aldshota Zero Mac OS
Hours before Apple was supposed to launch its new macOS version — codenamed High Sierra (10.13) — Patrick Wardle, a well-known Apple security researcher, former NSA hacker, and Chief Security Researcher at Synack, published a video demonstrating a zero-day exploit in the company's upcoming OS.
The video, embedded below, shows an application downloaded on the user's workstation exploiting an unknown flaw to dump the content of the user's Keychain file in cleartext.
I'm attempting to zero a disk on my Mac OS X machine. I'm going for complete zeros and unformatted, so I think of dd.Unfortunately the maximum throughput I've managed to get out of dd is 7MB/s. Just for grins I tried disk utility and it has a throughput of 19MB/s. For Mac OS X, zeroing is available in version 10.2.3 or later. The zero all data option should work with any hard drive originally shipped from Apple as part of a Mac OS X-compatible computer. The history of macOS, Apple's current Mac operating system originally named Mac OS X until 2012 and then OS X until 2016, began with the company's project to replace its 'classic' Mac OS.That system, up to and including its final release Mac OS 9, was a direct descendant of the operating system Apple had used in its Macintosh computers since their introduction in 1984. The Raspberry Pi is a tiny and affordable computer that you can use to learn programming through fun, practical projects. Join the global Raspberry Pi community.
Keychain is a macOS application that stores passwords and account information, working similar to a local password and identity manager. All information stored in the Keychain app is encrypted by default, preventing other users or third-party apps from accessing this data without permission.
Attackers can use zero-day to steal users' Keychain passwords
'The exploit works by exploiting an implementation flaw in the OS,' Wardle told Bleeping Computer in a private conversation. 'It's macOS only (not iOS), but I believe it affects all recent versions of the OS.'
'I haven't tested it with apps from the App Store, but any other code on the box (i.e. it's not a remote attack) can access and dump the user's Keychain [using the exploit],' Wardle added. The exploit also doesn't require root access.
Wardle says the zero-day he discovered can be used by malware or other malicious apps to dump passwords from the Keychain, which later can be exfiltrated to a remote server and used by the hackers.
Researcher reported zero-day to Apple
'I responsibly disclosed the bug to Apple - along with exploit code, and very detailed writeup,' Wardle told Bleeping. 'So, as far as I know, they are working on a patch.'
'Apple marketing has done a great job convincing people that macOS is secure. And I think that this is rather irresponsible and leads to issues where Mac users are overconfident and thus more vulnerable,' Wardle said. 'My goal is simply to raise awareness.'
'As a passionate Mac user, I'm continually disappointed in the security of macOS. I don't mean that to be taken personally by anybody at Apple - but every time I look at macOS the wrong way something falls over. I felt that users should be aware of the risks that are out there,' Wardle told Bleeping.
Second High Sierra zero-day Wardle disclosed this month
Aldshota Zero Mac Os Download
The Keychain vulnerability is, in fact, Wardle's second zero-day the expert revealed in macOS High Sierra this month.
Aldshota Zero Mac Os X
At the start of September, Wardle picked Apple's new OS apart by showing that attackers could bypass a new security feature added in High Sierra.
Wardle found a way to bypass the new 'Secure Kernel Extension Loading' (SKEL) feature added in High Sierra, which would allow attackers to load malicious kernel extensions and take over a user's device.
Image and video credits: Patrick Wardle
Aldshota Zero Mac Os Update
Related Articles:
Aldshota Zero Mac OS