High Sierra’s App Store System Preferences can be unlocked with any password

A bug report submitted on Open Radar this week reveals a security vulnerability in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password.

It is important to note that this seems to be fixed in the latest beta releases, but the current public release still has the vulnerability.

  • jmas

    The main concern is: why is this issue only affecting the App Store preferences? Supposedly the authentication mechanism for unlocking system preferences should be a common one and it should work (or fail) in the same way for all of them. I think that this problem is a symptom of a deeper architectural problem in macOS.

    • Only in that the user always has permission to change permissions within their scope, so the whole lock/unlock business is security theatre (for an admin user).

      This is the problem with asking for authentication for something the user’s already authorized to do. Whether authentication passes or fails, they’re still authorized.

  • Sigivald

    Also important to note, per Gruber, that that’s not even normally locked for an admin user, like … everyone’s normal OSX user.

    And it doesn’t seem to open up anything actually exploitable.

    More – again per Gruber – baffling and embarrassing than dangerous.