Register    Login    Forum    Search    FAQ    Donate    Amazon Affiliate

Board index » General




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post subject: mac OS Vulnerabilities
 Post Posted: Thu Jan 11, 2018 10:52 am 
Offline
User avatar

Joined: Fri Jul 17, 2015 7:22 pm
Posts: 1517
Location: S.W. Wales
--EDIT-- Changed thread title to include any vulnerability rather than start threads willy-nilly.


Not too huge maybe, but issues are cropping up more frequently.

http://www.techradar.com/news/another-password-flaw-hits-macos-as-apple-breaks-a-new-years-resolution-already

Quote:
Another password bug has been uncovered in macOS High Sierra, and while it’s not nearly as serious as the one which cropped up late last year, it’s still highly embarrassing for Apple as the new year kicks off.

As the Register reports, developer Eric Holtam found the flaw which lies in the App Store settings under System Preferences – assuming the owner of the Mac has instigated a password requirement here. If you attempt to make changes here, a password is requested, but the kicker is you can type in any password and it will work.


Last edited by loughor on Tue Jan 16, 2018 2:14 pm, edited 1 time in total.

Top 
 Profile  
 
 Post Posted: Thu Jan 11, 2018 12:03 pm 
Offline
User avatar

Joined: Thu Oct 07, 2010 1:35 am
Posts: 1474
You have to be logged in as an Admin for this to work, which automatically unlocks this system preference anyway - so yes - not huge at all, and yes - sloppy, embarrassing errors like this are getting more frequent.

Time for Apple to abandon the yearly update cycle IMHO.

_________________
Twitter
Home Page
Flickr Photo Albums


Top 
 Profile  
 
 Post Posted: Fri Jan 12, 2018 10:34 am 
Offline
User avatar

Joined: Thu Feb 12, 2015 12:25 pm
Posts: 1546
Anndra wrote:
Time for Apple to abandon the yearly update cycle IMHO.

Agreed. Just because it works for a stripped down but improving OS like iOS, doesn't mean it should be applied to the incredibly complex and feature-rich MacOS.

_________________
"If it ain't broke, we can fix it" (© Tim Cook, Jonny Ive)

Core i5 2011 21.5" iMac 12,1 2.5 GHz 12GB RAM OS X 10.9.5


Top 
 Profile  
 
 Post Posted: Fri Jan 12, 2018 10:53 am 
Offline
Moderator
User avatar

Joined: Wed Oct 06, 2010 7:51 pm
Posts: 6800
The only reason for the yearly cycle is so Apple can announce something new and shiny every year IMO.

_________________
I'm never wrong, I'm just less right on occasions.

Image


Top 
 Profile  
 
 Post Posted: Fri Jan 12, 2018 11:25 am 
Offline
User avatar

Joined: Wed Oct 06, 2010 8:27 pm
Posts: 5198
Location: Cumberland
Yes it seems apple spirit is no longer based on altruism

_________________
......................1952
...............Effie Madge Mabel Biddie
...................See them on the beach
......................Or in New York City

.............Tina Louise & Hazel & Mavis
Can you name, name, name, name them all today
Can you name, name, name, name them all today


Top 
 Profile  
 
 Post Posted: Fri Jan 12, 2018 1:57 pm 
Offline
User avatar

Joined: Thu Feb 12, 2015 12:25 pm
Posts: 1546
Jonah wrote:
The only reason for the yearly cycle is so Apple can announce something new and shiny every year IMO.

Strange - their 'new and shiny' stuff generally has to do with phones, watches, tablets and TVs. Laptops and desktops are way down the pecking order now.

_________________
"If it ain't broke, we can fix it" (© Tim Cook, Jonny Ive)

Core i5 2011 21.5" iMac 12,1 2.5 GHz 12GB RAM OS X 10.9.5


Top 
 Profile  
 
 Post Posted: Tue Jan 16, 2018 2:18 pm 
Offline
User avatar

Joined: Fri Jul 17, 2015 7:22 pm
Posts: 1517
Location: S.W. Wales
I just saw another mac OS vulnerability posted (I edited the thread title to include more than just the one first posted).

http://www.techradar.com/news/new-mac-malware-hijacks-dns-and-compromises-internet-traffic

Quote:
Mac users haven’t had much good news on the security front early on in 2018, and that unfortunate streak is continuing with the revelation that macOS has been hit by a new strain of DNS hijacking malware (which inflicts more nastiness on the system besides that primary payload).

Named as OSX/MaMi, the malware changes the DNS server settings on the victim’s machine, redirecting their internet traffic through malicious servers designed to steal the user’s sensitive data.


Top 
 Profile  
 
 Post Posted: Thu Jan 18, 2018 11:22 am 
Offline
User avatar

Joined: Fri Jul 17, 2015 7:22 pm
Posts: 1517
Location: S.W. Wales
Unlikely that you'll get this on mac OS or iOS, but here it is:

http://www.bbc.co.uk/news/technology-42728336

Quote:
A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered.
Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart.
Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug - even if the recipient did not click the link itself.


Top 
 Profile  
 
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  [ 8 posts ] 

Board index » General


Who is online

Users browsing this forum: No registered users and 2 guests

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 

HTML tutorial