Apple has had a rough year in terms of security breaches. The computer giant has already been criticized for how it handled the Flashback virus earlier this year. That virus infected well over half a million computers before Apple chose to distribute a simple security patch.
Today, another serious security breach has been making the rounds. If you use Mac OS X’s FileVault encryption system and are running a newly updated version of Lion, then your passwords may have already been stolen. A recent security flaw has revealed thousands of user passwords in a plain text file located outside of the program’s encrypted core, making it easy for anybody to access and use somebody else’s password.
This serious security flaw was discovered by computer security researcher David Emry, who says that anybody who used FileVault before the 10.7.3 update could find their passwords in a system-wide text file found outside of the wall of encryption. The text document is a simple debug log file
Fortunately, if you use FileVault 2, then your passwords are probably safe. Obviously, it never hurts to change your passwords on a regular basis, and installing antivirus software on your computer can certainly help.
As of yet, Apple hasn’t released any information about the security hole, but people who design malware and viruses are already starting to target the flaw. If a malicious program is available to install itself on your computer, it would take only seconds to find the unencrypted FileVault password document.
Whether you’re using an Apple computer or a PC, it’s important to keep your passwords protected. If you suspect that somebody could have gained access to your password files or any part of your system, then it’s important to download an antivirus client immediately. At the very least, change your passwords.