According to Passware, the latest version of Mac OS X has a "vulnerability" that allows login passwords to be exposed while the Mac is locked or in sleep mode. In order to access those passwords, users will need to connect to the Mac's FireWire port, since it allows for communication by direct memory access, the firm said.
Mac OS X Snow Leopard, the previous version of Apple's operating system, is also affected, Passware says.
Mac OS X Lion was released last week in Apple's App Store. According to the company, it delivers 250 new features. The operating system retails for $29.99.
Luckily for Mac users, the issue can be solved quite quickly by disabling the "Automatic Login" setting in the operating system. Upon doing so, the platform will no longer save passwords in the memory, thus making them unrecoverable through the FireWire port.
Disabling "Automatic Login" is a good security tip in general, regardless of whether or not passwords can be recovered when the Mac is sleeping. By allowing for automatic login, Mac users are basically letting anyone who starts up their computers have full access to their machines. Disabling the feature requires Mac users to choose their profile and input a password to log on to the computer.
Apple did not respond to CNET's request for comment.
No comments:
Post a Comment