#Fail: Another Apple Password Bug In High Sierra…. This Time It’s The App Store That’s Affected

You have to wonder if Apple even QA’s their products anymore. I say that because after this rather spectacularly bad password bug comes another one. From MacRumors:

A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password. 

The ramifications of this bug are clear:

The security vulnerability means that anyone with administrator-level access to your Mac could unlock the App Store preferences and enable or disable settings to automatically install macOS updates, app updates, system data files, and, ironically, even security updates that would fix a bug like this one. 

Now if you read the MacRumors article, you’ll see the steps to reproduce this on 10.13.2 which is the latest version of High Sierra. You’ll also note that this doesn’t work on 10.13.3 which is the upcoming version of High Serra that is currently in beta. That implies that this is already fixed.

But what is clear is that clearly Apple has once again shown that it’s QA processes suck. Bugs like these should be caught really early on in the testing process and should never make it out the door to customers. The fact that this is the second time that this has happened in a short amount of time says to me that Apple has a real problem on their hands and Apple users may want to brace for more of these type of things in the future as Apple can’t seem to get its act together.

Advertisements

One Response to “#Fail: Another Apple Password Bug In High Sierra…. This Time It’s The App Store That’s Affected”

  1. […] having lawsuits filed, and facing two investigations by two governments. And then came the second password bug in macOS that popped up yesterday. That highlights how far Apple has fallen from the days where none of […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: