The latest bug to affect macOS is a bit of a doozy. A critical bug affecting macOS High Sierra allows the App Store menu in System Preferences to be unlocked with any random password. This was revealed recently by Open Radar contributor ‘eholtam’ who says that the bug affects High Sierra version 10.13.2 17C88 and above.
Beebom can confirm that you can, indeed, unlock the App Store menu with any random password. We used a Macbook Air (2014 model) running High Sierra 10.13.2 to independently verify the claims. However, as reported on the community bug report forum, it only works when you’re trying to login as an admin. We weren’t able to unlock the App Store menu when we tried using a guest account.
Apple is believed to have taken note of the bug-report and is expected to roll out the fix in version 10.13.3, which is currently in its beta-testing phase.
However, the company is yet to release a statement about it unlike the last time around, when a much more serious bug was reported. That particular bug, which affected versions 10.13.1 (and lower), let anyone log into an admin account without a password just by using the username “root”.
While Apple fixed that particular flaw with version 10.13.2, it also brought along this particular bug, and although it is not half as problematic as the earlier one, it still brings into question the company’s seriousness about security-related issues.
Either way, if you’re using a Macbook or an iMac with High Sierra 10.13.2, be sure to download the next update as soon as it is rolled out.