Mac OS X Lion’s Bug Allows Hackers To Change Administrators’ Passwords

Anyone who owns a Mac should read the article “Mac OS X Lion flaw allows unauthorized password changes.”  I’ve known for a long time that, as long as you have physical access to a Mac, you can boot it into single-user mode by rebooting while holding down Command + S, which lets you, or anyone else, become root without knowing your password.  As root, you (or anyone else) can change any user’s password, including the administrator’s.  The flaw the article describes adds yet another weakness on top of that.

To mitigate the flaw the article describes in Mac OS X Lion, Mac users should not create accounts for strangers or leave the guest account enabled, because the flaw lets an attacker with any local account change the administrator’s password at will.  In addition, Mac users should avoid unsafe websites for now: hackers can trick users into downloading exploits that abuse the password-change flaw, so that once they have a remote backdoor into a Mac they can change its users’ passwords at will.  Lastly, Mac users should turn on FileVault 2.  That way only trusted users can unlock the Mac, and at the same time FileVault 2 removes the risk of a stranger booting the Mac into single-user mode, so nobody can simply become root at will.
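As an added example that is not part of the original post, the script below audits the mitigations just listed from the command line: it evaluates the text of `fdesetup status` (assumed to be available on the system being audited; it ships with OS X releases after Lion), the `GuestEnabled` key of `/Library/Preferences/com.apple.loginwindow`, and the `name uid` listing from `dscl . -list /Users UniqueID`. The checks take command output as arguments and are exercised here with constructed sample output, so the script runs offline on any POSIX shell; the commented live invocation at the end shows how to feed in real output on a Mac.

```shell
#!/bin/sh
# Added example, not from the original post. Audits the mitigations the post
# recommends (FileVault 2 on, guest login off, no unexpected local accounts).
# Each check takes command output as an argument so it can be exercised with
# constructed sample text on any system; the live commands are shown at the end.

# FileVault check: `fdesetup status` prints "FileVault is On." or "FileVault is Off."
# (fdesetup is assumed available; it ships with OS X releases after Lion).
filevault_ok() {
  case "$1" in
    *"FileVault is On"*) return 0 ;;
    *)                   return 1 ;;
  esac
}

# Guest login check: the GuestEnabled key of com.apple.loginwindow is 1 when the
# guest account is active; 0 or an absent key (empty string) means disabled.
guest_disabled() {
  case "$1" in
    ""|0) return 0 ;;
    *)    return 1 ;;
  esac
}

# Account review: given the "name uid" lines of `dscl . -list /Users UniqueID`,
# print the names with UID >= 500 (regular user accounts; system accounts sit
# below 500) so the owner can confirm each one belongs to someone they trust.
regular_accounts() {
  printf '%s\n' "$1" | awk '$2 >= 500 { print $1 }'
}

# Run all checks; print PASS/FAIL lines and return the number of failed checks.
audit() {
  fv_status="$1"; guest_flag="$2"; user_list="$3"; failures=0
  if filevault_ok "$fv_status"; then
    echo "PASS FileVault 2 is on (single-user mode cannot read the disk)"
  else
    echo "FAIL FileVault 2 is off"; failures=$((failures + 1))
  fi
  if guest_disabled "$guest_flag"; then
    echo "PASS guest login is disabled"
  else
    echo "FAIL guest login is enabled"; failures=$((failures + 1))
  fi
  echo "REVIEW regular user accounts:"
  regular_accounts "$user_list" | sed 's/^/  /'
  return "$failures"
}

# Constructed sample output standing in for the live commands:
SAMPLE_FV="FileVault is Off."
SAMPLE_GUEST=1
SAMPLE_USERS="_spotlight 89
daemon 1
nobody -2
alice 501
guest 201
visitor 502"

audit "$SAMPLE_FV" "$SAMPLE_GUEST" "$SAMPLE_USERS" || echo "$? check(s) failed"

# On a Mac, feed the real output instead (fdesetup may need root):
#   audit "$(fdesetup status)" \
#         "$(defaults read /Library/Preferences/com.apple.loginwindow GuestEnabled 2>/dev/null)" \
#         "$(dscl . -list /Users UniqueID)"
```

With the constructed sample the audit reports FileVault off and guest login on (two failures) and lists `alice` and `visitor` for review; a `visitor` account is exactly the kind of account-for-a-stranger the post warns against, since any local account is enough to exploit the flaw.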

Source:  http://www.zdnet.com/blog/hardware/mac-os-x-lion-flaw-allows-unauthorized-password-changes/14883
