Linus Henze, a security researcher, has uncovered a security flaw in macOS Mojave Keychain that can allow bad actors to steal the stored passwords without administrator privileges.
In a video, Henze demonstrated how anyone can gain access to the passwords stored in Apple's secure vault. This is not the first time Henze has discovered a critical security flaw in iOS or macOS.
However, the researcher said in a blog post that he has refused to share the vulnerability with Apple, in protest at the Cupertino giant's bounty program.
The security researcher is annoyed that Apple does not run any bug bounty program for macOS as it does for iOS. Therefore, he has said that he will not disclose any details about his latest keychain security flaw discovery to Apple.
In the video, Henze demonstrated that passwords could be accessed even when Access Control Lists are configured, and that the exploit also works on systems with System Integrity Protection enabled.
Only the macOS Mojave Keychain is susceptible to this flaw, not iCloud Keychain, because passwords and other data are stored differently in the latter.
To defend yourself against this vulnerability, you can protect the keychain with an additional password. However, because the keychain is tightly integrated into macOS, securing it with an extra password will result in a number of security prompts.
Henze has urged other security researchers to make macOS vulnerabilities public without informing Apple about them to put pressure on the company to start a bug bounty program for macOS.
While companies like Google, Facebook and Tesla run bounty programs for several of their products, Apple, one of the richest companies in the world, does not have one for its desktop operating system.