Last week, it emerged that an OS X Lion security update released in February, 10.7.3, had a flaw relating to the FileVault encryption feature. A debug option appears to have been left enabled by an engineer, which resulted in users' FileVault passwords being saved in a plain-text log file.
The file is accessible outside the encrypted area by anyone with access to the disk, or by malware that knows where to look. Not everybody will be affected, though.
According to Sophos, the issue affects those who used the FileVault encryption option for their home directories with Snow Leopard. It does not impact users who did not upgrade from Snow Leopard. It also does not affect users of FileVault 2 or those who have full disk encryption enabled.
Vulnerable users who opt not to encrypt their Time Machine backups also risk replicating the log file in their backups.
Written by: James Delahunty @ 8 May 2012 17:47