
Apple rushes to fix a bug

November 30, 2017 | Expert Insights

A researcher discovered a security flaw in Apple's software for the new Mac that could have given hackers total control of vulnerable machines.

The likelihood of a breach was so high that Apple Inc. began an immediate review of its software development process and pushed out an update to fix the vulnerability.

Background

Apple Inc. is one of the most successful multinational technology companies in the world. It was founded by Steve Jobs, Steve Wozniak, and Ronald Wayne in April 1976. It was incorporated as Apple Computer, Inc. in January 1977. It currently designs, develops, and sells consumer electronics, computer software, and online services. Among the company’s most successful products are the iPhone smartphone, the iPad tablet computer, the Mac personal computer, the iPod portable media player, the Apple Watch smartwatch, the Apple TV digital media player, and the HomePod smart speaker. Apple's consumer software includes the macOS and iOS operating systems, the iTunes media player, the Safari web browser, and the iLife and iWork creativity and productivity suites. Its online services include the iTunes Store, the iOS App Store and Mac App Store, Apple Music, and iCloud. The current CEO of Apple is Tim Cook.

In November 2017, Apple’s latest phone, the iPhone X, hit markets globally. It is by far the company’s most expensive unit, priced at £999. It has been billed as the phone celebrating the 10th anniversary of the iPhone. The unit has been met with largely positive reviews. In addition, Apple once again posted profits in its fourth-quarter results. Though its costs increased, Apple said profits were $10.7bn in the quarter, increasing 18%.

In recent months, a number of large organizations have reported cyber hacks and breaches, including financial institutions like Equifax and the ride-sharing company Uber. These breaches compromised the data and information of millions of people.

Analysis

A researcher discovered a security flaw in Apple's software for the new Mac that could have given hackers total control of vulnerable machines. The likelihood of a breach was so high that Apple Inc. began an immediate review of its software development process and pushed out an update to fix the vulnerability.

Not only was a security patch dispatched overnight but it began to be automatically installed in all vulnerable machines within the span of 48 hours. “We greatly regret this error and we apologize to all Mac users,” Apple said in a statement. “Our customers deserve better. We are auditing our development processes to help prevent this from happening again.” Apple said its security engineers learned of the problem on Tuesday afternoon and posted the patch within 24 hours. “Security is a top priority for every Apple product, and regrettably we stumbled with this release of Mac OS,” Apple said in its statement.

The security issue impacted macOS High Sierra 10.13.1. Developers had noticed that someone with access to a Mac computer running Apple's most recent Mac software could type "root" and no password in the Users & Groups section of System Preferences and gain administrator-level access to the computer. That meant a person could download malicious software or otherwise compromise the computer.

The vulnerability was brought to public notice on Twitter by Turkish developer Lemi Ergin. Considering the power it gives, the bug is remarkably simple, described by security experts as a "howler" and "embarrassing".

“Haste and security don’t make good bedfellows,” said Prof Alan Woodward from the University of Surrey. “They will need to be careful the patch doesn’t introduce some other problem as they’ve not had time to properly test it.”

Assessment

Our assessment is that this revelation shows how easy it can be to compromise millions of computers across the world. Apple was able to fix the problem within 48 hours; however, experts have questioned whether a hasty security patch will do the intended job without creating other problems.