Menu
Mac security issue prompts Apple development process audit

Mac security issue prompts Apple development process audit

Apple said it released a patch to fix the bug on Wednesday morning

Apple chief, Tim Cook

Apple chief, Tim Cook

Credit: IDG

Apple has said it will review its software development process a day after a researcher discovered a bug in a new version of its Mac operating system that could give hackers total control of vulnerable machines.

Apple said it released a patch to fix the bug on Wednesday morning and it would be automatically installed on vulnerable machines later in the day.

"We greatly regret this error and we apologise to all Mac users," Apple said in a statement. "Our customers deserve better. We are auditing our development processes to help prevent this from happening again."

To exploit the bug, a hacker would need to have physical access to a vulnerable Mac when a user is logged on to the computer. The attacker would then need to change settings on the computer to establish a "root" account, which they could later access.

Root accounts give users complete control over a machine.

The US and German governments issued alerts advising Mac users to install the patch.

Apple said its security engineers learned of the problem on Tuesday afternoon and posted the patch within 24 hours.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of Mac OS," Apple said in its statement.

Apple stock was down 2.6 per cent at US$168.55 on Wednesday during a broad selloff in tech stocks.

The behavior in the Mac operating system that led to the bug's discovery was described by developers on an Apple forum as early as 13 November as a workaround for problem accessing administrator accounts.

(Reporting by Stephen Nellis in San Francisco and Dougl Busvine in Frankfurt; Editing by Jim Finkle and Andrew Hay)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags AppleMacbugMac OS

Events

EDGE 2024

Register your interest now for EDGE 2024!

Brand Post

Featured

Slideshows

How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments