A serious internal bug in the Apple system has compromised the passwords stored by users in the well-known ‘Keychain’ utility. Patrick Wardle, an expert in computer security, has published a video that aims to make society aware of the downloads of unverified applications.
Once again we face serious problems with the network. Patrick Wardle, a former employee of the US National Security Agency (NSA) and an expert in computer security, has discovered a serious internal bug in the Apple system that for years has compromised stored passwords in the well-known ‘Keychain,’ utility. This utility is responsible for saving the passwords that users use in services such as Facebook, Twitter, Google or any bank.
Non-certified applications created for malicious purposes can access these passwords once the user has installed them on the system. The purpose of these applications is to steal stored passwords to control the social networks of users and even make use of large amounts of money.
It should be noted that this ruling not only affects the latest update of Apple’s computer operating system, MacOS High Sierra but also hurts recently released versions. Wardle, who now works for the Synack brand, contacted Apple in early September to warn them about the vulnerability. The objective of the computer security expert was to make the American company aware that it was necessary to rectify the security threat before the release of the MacOS High Sierra version.
Apple advises users to download secure applications
For its part, Apple informs users not to download those unverified applications, as they are unreliable and can put your security at risk. In addition to advising users to download applications that have a security certificate or are available in the Mac App Store , it also encourages them to carefully follow the security dialogs that MacOS contains .
Wardle has shown the flaw through a video so that users become aware of the seriousness of the problem and take action on the issue. There are many dangers to which we are exposed in the network but, in cases like this, it is in our hands to avoid great dislikes and follow the guidelines published by the companies in regard to the download of applications that lack security certificate.