Basically there is an exploit that allows any user with physical access to your machine to change a user password without needing to know the old password. A couple things to note:

  1. It is my understanding that you need to be able to get your hands on Terminal. Thus a locked computer would not be vulnerable. ((Now, whether you could do this from a recovery partition and the danger to FileVault 2 users, that I don’t know.))
  2. Far more scary is that typing in your password to grant privileges to applications could result in a malicious application executing this command. Mac App Store to the rescue?

Very interesting and one commenter pointed out this is likely related to the LDAP security issue that was making the rounds a bit ago.

Posted by Ben Brooks