Enter App Store System Preferences Without Passwords

Date Published:

The current version of macOS High Sierra includes a security hole which is considered to provide users with the opportunity to gain access to the Mac and unlock the App Store System Preferences with no password required. The effect is not so strong. However, the security option seems to work not so properly as meant.

First news about this security hole was publicized accidentally. The report was posted on Open Radar by mistake. It was mentioned that the security fault is present macOS 10.13.2, which is the public version of macOS High Sierra. This problem was tested on the public version and developer beta version of macOS High Sierra as well. The issue was confirmed and will be fixed soon.

This flaw allows anyone accessing your Mac and entering the App Store without password. Of course, that shouldn’t ever happen. It is all about some notable security bug which includes notorious root access flaw. However, the good is that such bag is limited only within the App Store Preferences Page. It unlocks no other pages, so all users accounts and settings will not be gotten and changed.

It should also be taken into account that several of App Store System Preferences windows are also protected behind the password. So, settings and information cannot be used in this way. In addition, it is worth mentioning that this problem is not actually sharing access to private data. It affects Admin users only.

The date of macOS 10.13.3 beta fixing is not known yet. However, it is expected that all users will be shipped with the improved version and better macsteam pretty soon. Speed Up My Mac offer will be also taken into account.