Apple’s new desktop operating system. macOS 10.13 High Sierra. has a problem that could reveal passwords to would-be hackers
Software developer Matheus Mariano claims to have discovered a bug in the Disk Utility function built inside macOS High Sierra that reveals passwords in plain text to hackers. The hack requires a few steps to complete, but when it’s done, hackers have full access to passwords.
According to Mariano, whose discovery was earlier reported on by MacRumors, hackers can go to the operating system’s Disk Utility and create a new encrypted Apple File System volume.
From there, the hackers need to set a password and hint, and unmount and remount the volume to force the operating system to ask for a password. Upon clicking the “Show Hint” button, Apple’s operating system displayed the password in plain text and not the hint.
Of course, the hack is somewhat self-limiting, since it only affects the Disk Utility feature in High Sierra. If hackers try to access your Apple ID password, for instance, the same problem wouldn’t occur.
It’s also worth noting that Mariano believes the flaw affects only Macs with solid-state drives. If you haven’t used Disk Utility or don’t use a hint, the problem won’t come up