Reverse engineering the macOS High Sierra supplemental update

  By Thom Holwerda - Posted on 2017-10-09 19:26:19 UTC at http://OSNews.com

Reported by Matheus Mariano, a Brazilian software developer, a programming error was discovered in Appleā€™s most recent operating system, High Sierra, that exposed passwords of encrypted volumes as password hints. A serious bug that quickly made the headlines in technology websites everywhere.

Apple was prompt to provide macOS High Sierra Supplemental Update [https://support.apple.com/en-us/HT208165] to customers via the App Store, and ensured that every distribution of High Sierra in their servers included this update.

I decided to apply a binary diffing technique to the update to learn more about the root cause of this bug [https://cocoaengineering.com/2017/10/08/reverse-engineering-macos-high-sierra-supplemental-update/] and hypothesize about how the defect could have been prevented.

Original story page here.

Copyright OSNews.com 1997-2006. All Rights Reserved. OSNews and the OSNews logo are trademarks of OSNews.
All trademarks, icons, and logos, shown or mentioned in this web site, are the property of their respective owners.
Reproduction of OSNews stories is granted only by explicitly receiving authorization from OSNews and if credit is given to OSNews.
Privacy statement   -   Notice to Bulk Emailers