Apple rushed out an emergency patch Thursday that fixed an incredulous bug in its shiny new High Sierra operating system that revealed APFS volume passwords via the password hint feature.
Brazilian researcher Matheus Mariano of Leet Tech found the bug and privately disclosed it to Apple. He said that upon creation of an encrypted container in APFS—Apple’s new file system in High Sierra—the password guarding it is stored in plaintext in the password hint.