The new macOS High Sierra software update is now available for the Mac. According to security researcher Patrick Wardle, there appears to be a serious vulnerability in the OS.
The security flaw apparently lets hackers have access to Keychain information and it can display plaintext passwords and usernames without the need for the master password.
on High Sierra (unsigned) apps can programmatically dump & exfil keychain (w/ your plaintext passwords)🍎🙈😭 vid: https://t.co/36M2TcLUAn #smh pic.twitter.com/pqtpjZsSnq
— patrick wardle (@patrickwardle) September 25, 2017
The video below shows how this works, although the actual vulnerability has not been revealed, so Apple should be able to fix it before any damage is done.
As yet there is no word from Apple on when this flaw will be fixed, as soon as we get some more details, we will let you guys know.
Source Patrick Wardle, MacRumors