The following is not a joke: the latest macOS High Sierra 10.13.2 has another password bug, as App Store preferences can be unlocked with ANY password, reports MacRumors.
iPhone in Canada was able to confirm and test the bug on our own Mac running 10.13.2. Essentially, when you want to edit preferences on your Mac, you need to enter a password (or use Touch ID). The bug here allows you to enter any password, which then lets you bypass security and change App Store settings.
Here’s how to reproduce this bug, step-by-step, reports Joe Rossignol:
1. Click on System Preferences.
2. Click on App Store.
3. Click on the padlock icon to lock it if necessary.
4. Click on the padlock icon again.
5. Enter your username and any password.
6. Click Unlock.
This is the second password bug we’ve seen in macOS High Sierra in the past couple months. Back in November, it was discovered admin access was possible without a password, leaving all Mac computers in public vulnerable.
Give this a try yourself, as you’ll be wondering how this is even possible. Expect Apple to fix this bug with a software update ASAP. Be wary of your Mac when letting strangers use it, if you’re worried about someone changing your App Store preferences.
