The IT Nerd

You have to wonder if Apple even QA’s their products anymore. I say that because after this rather spectacularly bad password bug comes another one. From MacRumors:

A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password. 

The ramifications of this bug are clear:

The security vulnerability means that anyone with administrator-level access to your Mac could unlock the App Store preferences and enable or disable settings to automatically install macOS updates, app updates, system data files, and, ironically, even security updates that would fix a bug like this one. 

Now if you read the MacRumors article, you’ll see the steps to reproduce this on 10.13.2 which is the latest version of High Sierra. You’ll also note that this doesn’t work on 10.13.3 which is the upcoming version of High Serra that is currently in beta. That implies that this is already fixed.

But what is clear is that clearly Apple has once again shown that it’s QA processes suck. Bugs like these should be caught really early on in the testing process and should never make it out the door to customers. The fact that this is the second time that this has happened in a short amount of time says to me that Apple has a real problem on their hands and Apple users may want to brace for more of these type of things in the future as Apple can’t seem to get its act together.

This entry was posted on January 10, 2018 at 12:49 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.