Apple has recently been under fire due to a pretty major bug in its FaceTime video calling service, which allows users to listen in to whoever is on the other side even before the call is answered. Now, it"s time for macOS to be the target of unwanted attention, thanks to a new vulnerability discovered by German security researcher Linus Henze.
The problem lies with the Keychain, which can be used to store the user"s passwords for a variety of services. In theory, these are kept safe from any possible intruders, but Henze discovered a vulnerability which can be exploited to reveal all the passwords stored in the Keychain. The exploit is demonstrated in the video below, where Henze uses a specially designed KeySteal app to get access to those passwords.
The KeySteal app doesn"t require administrator rights to get to the passwords, and it also doesn"t seem to matter if Access Control Lists have been set up on the device. This makes it pretty easy for anyone to get access to passwords in the "login" and "System" Keychain, though the iCloud Keychain is apparently safe since it stores data differently.
Unfortunately, Henze hasn"t made Apple"s job any easier in regards to fixing the vulnerability. The firm only has a bug bounty program for iOS, with macOS being left out, so the researcher has decided to withhold the details of the exploit in order to put pressure on the company. Thankfully, those details won"t be shared with anyone else either, so hopefully Apple can get to fixing the issue before anyone else finds a way to exploit it. In the meantime, you can further safeguard yourself by setting up an additional password for the login Keychain, though this might be inconvenient since the system will require authentication for many actions when using the OS.
Source: Linus Henze (YouTube) via 9to5Mac