Major Security Vulnerability Discovered in New Mac OS

If you've downloaded the latest Mac operating system, High Sierra, you may want to be on high alert. 

High Sierra became available on Sept. 25 and comes with lots of new features, but a security researcher has already discovered a major vulnerability. Any hacker, with a little bit of work, can steal all the passwords off a computer running the operating system.

The researcher, Patrick Wardle, discovered this when he was able to run an unsigned app on the operating system that could steal plaintext passwords. Wardle immediately reported the vulnerability to Apple and then made his finding public on Twitter. 

on High Sierra (unsigned) apps can programmatically dump & exfil keychain (w/ your plaintext passwords) vid: https://t.co/36M2TcLUAn #smh pic.twitter.com/pqtpjZsSnq

— patrick wardle (@patrickwardle) September 25, 2017

"I discovered a flaw where malicious non-privileged code (or apps) could programmatically access the keychain and dump all this data .... including your plain text passwords. This is not something that is supposed to happen!" wrote Wardle on his Patreon page.  High Sierra isn't alone, however. Another Mac OS, El Capitan, has a similar vulnerability, Wardle said.

According to Mashable, Apple is looking into the vulnerability and advises users to exercise caution and common sense when downloading apps.

Regardless of whether you're using these at-risk operating systems or even using a Mac, the security advice remains the same. Don't download or click on anything suspicious and keep operating systems up to date so you can receive any security patches.