Apple's operating systems still enjoy a perception of strong security despite the fact that vulnerabilities for both iOS and Mac OS X are discovered on a continuous basis and Apple's pace of providing patches is rather unpredictable.
Mac OS X Lion is not an exception and we are hearing that login passwords that are stored in the system memory, even when the computer is in sleep mode or locked, are used to get possibly unauthorized access to a system.
Passware said that a new version of its Passware Kit Forensic V11 can retrieve passwords from a Mac OS X Lion computer in a few minutes. The software uses the content that is stored in the system memory and reads it via Firewire. According to Passware, the password can easily be extracted regardless of password strength. "Long touted as a stable and secure operating system, Mac users are cautioned that the newest operating system has a potential vulnerability that enables password extraction from devices running Mac OS Lion," said Passware president Dmitry Sumin in a statement.
The recommendation to protect yourself from this vulnerability is to simply turn your Mac off and not let it sit in sleep mode on your desk - which seems to be rather common sense. If there is critical and sensitive content on your Mac, you just don't let it sit running in a location where others can easily access it while you are away.