Edit: After half a day, my wife’s Mac started having the same problem. I then applied the solution that I found in the Apple
Security Flaws In The Mac OS X Lion
The latest version of Apple's Mac OS X is reported to have two severe security flaws. These flaws pose a serious security threat to users of Mac OS X Lion and may result in the compromise of the entire system. The first flaw is that an intruder can get into the system database and change the user's administrative password without having to obtain the victim's original password.
This threat was first reported on the Defence in Depth security blog. It reported that bugs in Mac OS X Lion allow non-administrative users, including users who have been given remote access to the machine, to change the original user's password setting without going through legitimate user verification.
Previous versions of the Mac operating system, such as Snow Leopard, allowed an administrative password to be changed only after user verification, which meant entering the previous password in order to set a new one. In Lion, this check is nowhere to be seen. The flaw can have serious consequences: any unauthorized user can easily get into another Mac user's system and take all the important information stored on it, locking out the real owner.
Defence in Depth has also described a scenario that shows where the password change can be used:
A Mac user with administrative rights is browsing the internet with the Safari web browser. In the course of browsing, the user accidentally visits a web page that runs a malicious Java applet. Unaware of the applet's intent, the user allows it to run on the Mac. The applet then opens a connection between the attacker and the user's machine, which gives the unauthorized user access to the system database. Note that although the attacker can now reach the machine, they still have limited privileges and not root access. This limitation would normally mean that the root-level parts of the system are safe and cannot be operated by a third person. However, access to the database is so exposed that it can undo the entire security model: the intruder is now able to change the administrative password. Remember that the current user is an administrator, so all that remains for the intruder is to run sudo -s to gain root access as well. Moreover, if the targeted user does not have administrative rights, the attacker can still obtain user hashes from the Mac and attempt to crack them.
So what is the remedy until the parent company acts on the security flaw? For the time being, a workaround has been suggested: restrict standard users' access to the ‘dscl’ utility, as follows:
$ sudo chmod 100 /usr/bin/dscl
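A way to confirm that the restriction above is actually in place, as an added example that is not from Defence in Depth or Apple. The function name audit_tool, the script name and the output labels are made up for this example, and it assumes the binary should be owned by root (uid 0) with no permissions left for group or other:

```shell
#!/bin/sh
# Added example: audit a tool after applying `chmod 100` to it.
# Usage: sh audit_tool.sh /usr/bin/dscl        (script name is hypothetical)

# Octal permission bits of a file: GNU stat first, then BSD/macOS stat.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Numeric owner uid of a file, same fallback order.
file_uid() {
    stat -c '%u' "$1" 2>/dev/null || stat -f '%u' "$1" 2>/dev/null
}

# audit_tool PATH [EXPECTED_UID]
# Returns 0 if PATH is owned by EXPECTED_UID (default 0, root) and grants
# nothing to group or other; 1 if it is still exposed; 2 if it cannot be read.
audit_tool() {
    path=$1
    want_uid=${2:-0}
    if [ ! -e "$path" ]; then
        echo "MISSING $path"
        return 2
    fi
    mode=$(file_mode "$path") || return 2
    uid=$(file_uid "$path") || return 2
    if [ "$uid" != "$want_uid" ]; then
        echo "EXPOSED $path owner uid=$uid, expected $want_uid"
        return 1
    fi
    case "$mode" in
        # "0" is how stat prints mode 000; "*00" covers 100, 700 and similar.
        0|*00) echo "RESTRICTED $path mode=$mode"; return 0 ;;
        *)     echo "EXPOSED $path mode=$mode"; return 1 ;;
    esac
}

# Run the audit only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_tool "$@"
fi
```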
The second flaw is that a skilled attacker can view the hash of the administrative password by extracting it from the Directory Services file. Password hashes are the output of running passwords through cryptographic algorithms. These algorithms are considered to be unbreakable, but in reality automated password-cracking software can work through a large number of candidate passwords using the fixed algorithm until it recovers the passwords in plain text.
An important point to note is that these flaws cannot be exploited by a purely remote intruder. The attacker must have physical access to the Mac or hold remote limited user access to it.
Defence in Depth, on the other hand, also reported that a visit to a website containing malicious code can again create a link between the attacker and the user, opening up endless possibilities for exploitation. To stay on the safer side, do not leave your machine unattended while you are logged in anywhere with public Wi-Fi. Using a strong password may also protect you from this security problem.