Zero-day Bug Found in Apple's New macOS High Sierra

Apple recently announced its new macOS version, codenamed High Sierra (10.13) and coming soon, which Apple claims is much more secure.

But the picture here is different: Patrick Wardle, a well-known Apple security researcher, former NSA hacker and Chief Security Researcher at Synack, has demonstrated a zero-day vulnerability in Apple's upcoming macOS (High Sierra).

The video PoC shows how a single downloaded application on a user's workstation exploits an unknown flaw to dump the contents of the user's Keychain file in cleartext.


Keychain is a macOS application that stores passwords and account information, working similarly to a local password and identity manager. All information stored in the Keychain app is encrypted by default, preventing other users or third-party apps from accessing this data without permission.


Bleeping Computer reported that Wardle said:
"The exploit works by exploiting an implementation flaw in the OS. It's macOS only (not iOS), but I believe it affects all recent versions of the OS."

Wardle's exploit works perfectly without root access on the system.


"I haven't tested it with apps from the App Store, but any other code on the box (i.e. it's not a remote attack) can access and dump the user's Keychain [using the exploit]," he added.

Zero-day Reported to Apple Team
Wardle said that he had reported the vulnerability to the Apple Security team, and Apple may be working on a patch.

The bug can be used by malware to dump all the data stored in a keychain.

Second Zero-day in a Month
This is not the first time Wardle has found a bug in Apple's High Sierra. Earlier he also discovered a way to bypass the new "Secure Kernel Extension Loading" (SKEL) feature added in High Sierra, which would allow attackers to load malicious kernel extensions and take over a user's device.

Source: Bleeping Computer