Your Security Is the Best Reason to Get macOS 10.12.2

While some MacBook Pro owners claim macOS 10.12.2 improves battery life, there's a more important reason to update to the latest version of Apple's computer operating system: protecting your passwords. That's because a Swedish hacker made a device that steals passwords off a Mac just by connecting a cable -- unless the latest update is installed.

The PCILeech connected to a MacBook Air. Image: Ulf Frisk

Swedish hacker Ulf Frisk demonstrated his trick in a blog post yesterday (Dec. 15). By simply connecting a device running his PCILeech software to a MacBook Air's Thunderbolt port, then forcing a reboot, you can gain the system's password in less than 30 seconds. With that password comes access to FileVault, the encryption software that protects the hard drive, so you're essentially handing over even a well-protected Mac.

MORE: Best Apple Laptops

Frisk says Apple's latest patches, released Wednesday (Dec. 14) will secure your Mac from this attack. To install the update, click the Apple icon in the top left corner of your screen, select App Store and click Updates.

How were Macs vulnerable to this attack before macOS 10.12.2? Apple left two vulnerabilities open until now. The first didn't protect system memory from direct access (known as Direct Memory Access) before the OS boots up completely. The second was that the system stored passwords kept in FileVault in unencrypted plain text, which made those character strings easy to steal during the boot sequence.

If you're curious about how long it takes to patch leaks such as these, Frisk discovered the issue near the end of July of this year, and then presented and released an earlier version of the technology at the DEF CON 24 hacker conference Aug. 5, without singling out Macs as vulnerable. (The same attack method also works on 64-bit Windows and Linux.)

Frisk formally notified Apple of the vulnerability Aug. 15, and the company privately responded to him Aug. 16. However, it took until December 13 for Apple to release the security update as a part of macOS 10.12.2. Two days later, Frisk updated the PCILeech code to simplify the Mac attack.

macOS High Sierra Tips