Apple’s new operating system for computers, macOS High Sierra, is about to arrive, and it comes with a nasty little zero-day. A security researcher who used to work for the NSA found the vulnerability, which allows an unauthorised party to exfiltrate passwords from the Keychain – Apple’s tool for storing passwords and other security information.
Aside from the potential pain that High Sierra will bring as older 32-bit applications will not be supported, just as they aren’t in iOS 11, this new flaw works by bypassing a kernel extension called Secure Kernel Extension Loading (SKEL). SKEL is meant to stop bad guys from loading rootkits and other malware but can be easily bypassed.
The researcher, Patrick Wardle, who is Synack’s chief security researcher, has posted a video demonstrating how the hack can be used to steal data from the Keychain.
According to reports, the issue has been reported to Apple, which will ship High Sierra as scheduled. A patch to repair the flaw, which also affects older versions of macOS, is expected to follow later.
While being an early adopter is usually fun, this might give some people pause before rushing into an upgrade.