Advertisement

Roger Fingas of AppleInsider.com reports on a researcher that claims to have found a new exploit in Apple’s Keychain app, but won’t share his findings saying that the finding could be “bug bounty policies.”

A demo app, “KeySteal,” is able to extract login and System passwords from Keychain without any administrator privileges, and regardless of whether System Integrity Protection or Access Control Lists are configured, according toLinuz Henze. Items in the iCloud Keychain are immune, Henze told Heise.

To read the rest of the article, click here.

About Post Author

(Visited 3 times, 1 visits today)


Advertisement

Dan Uff
Senior Writer / Owner
https://www.compuscoop.com/