Mac OS X Lion Login Passwords Extracted With Ease
Passware, a provider of password cracking software, today said that the latest edition of its flagship password cracking forensic suite, Passware Kit Forensic v11, can extract Mac OS X Lion user login passwords from system memory in a matter of minutes.
Mac OS Lion PasswordsThe Mac OS vulnerability relates to user login passwords that are stored in the system memory even if the computer is locked or put into a sleep mode. Passware's software captures live Mac computer memory over FireWire and analyzes it, extracting these passwords, a process that the company says takes just a few minutes--regardless of password strength and use of a FileVault encryption. The vulnerability is present in all modern versions of Mac OS, including Mac OS X 10.6 Snow Leopard and the latest Mac OS X 10.7 Lion, released last week.
As Apple's operating system has increased in popularity in recent years, so have security threats for users. Passware President Dmitry Sumin notes, "Long touted as a stable and secure operating system, Mac users are cautioned that the newest operating system has a potential vulnerability that enables password extraction from devices running Mac OS Lion."