Security researcher Patrick Dunstan has released his findings on Apple’s latest operating system OS 10.7, aka Lion, and it doesn’t look good. He found that if provided with physical access, a nefarious person could recover administrator passwords, or even change those passwords, without any special privileges.

Here’s how password security is supposed to work on a Mac: Passwords are stored in “shadow files” which are buried deep in the system’s file structure, and only accessible by someone logged in with an administrator password. Dunstan’s research has shown, however, that in the new version of the operating system, these files can be accessed by any user and passwords extracted. More troubling is his discovery that, with a little prodding, someone with access to the computer’s Terminal command line app can change the administrator’s password themselves.

So, you’ve just gotten your hands on Mac’s newly released OS X Lion and you couldn’t be more thrilled? Well, sorry to rain on your parade, but it would appear Apple has a problem. Not just a “well I don’t like this one specific feature, blah, blah” problem, but an actual security flaw in the software that allows automatically stored passwords to be easily extracted from a sleeping computer.

According to Passware, a software provider, the latest edition of their password cracking forensic suite Passware Kit Forensic v11 can extract Mac OS X Lion user login passwords from the computer’s memory in a matter of minutes. The vulnerability occurs when the computer is in sleep mode. Passwords that are stored in the computer’s memory can be extracted using Passware’s software, which captures the computer’s memory via a FireWire connection and thus the passwords.

The Mac App Store launched earlier today, bringing the relative ease and slight addictiveness of obtaining programs the iOS way to Apple’s computers, finally allowing OS X users to nickel-and-dime our e-wallets to death the way all those iPhone and iPad users get to. Upon browsing the store, in the midst of the obligatory litany of throw-away games and limited demos masquerading as free games lies a decent amount of extremely worthwhile and critically acclaimed games — something most platforms don’t generally accomplish at launch.

Apple‘s Back to the Mac announcement is scheduled to begin at 1pm EDT: While some details of the announcement appear to have leaked via Apple’s forums, including a new MacBook Air, iLife ’11, and a possible mystery product, no one yet knows for certain what’s in store.

It seems pretty likely that the announcement will tease a new version of Mac OS X, tentatively known as “Lion” to the blogosphere thanks to the promotional picture Apple sent out last week (left); however, it’s unclear whether that’d be ready to go on people’s computers anytime soon or would merely be a sneak peek, consistent with Apple’s schedule of releasing the past three updates two years apart each; then again, the rules may be different now.

Update: We’ve written a comprehensive roundup of all the big announcements this afternoon.

Apple has just sent out the above picture to journalists along with an invite to a Mac-centric event, to be held on October 20th. Lest you think that all they focus on nowadays is iPads, iPhones, iPods, and what have you, the event, titled “Back to the Mac,” seems to tease a new version of Apple’s OS X operating system. (Lion?) Tech reporter Omar Gallaga tweets that the invitation mentions “a sneak peek of the next major version of Mac OS X.”

The last update, Snow Leopard (OS X version 10.6) was released on August 28th, 2009; the previous version, Leopard (OS X version 10.5) was released on October 26, 2007. The first four versions of OS X (including the clunky, incomplete 10.0, Cheetah) were released a year or less than a year apart, but the past three have been released two years apart each, so we aren’t exactly ‘due’ for a new OS X. That “sneak peek” could just be that; then again, more could be in store. We’ll find out soon enough.

(h/t Techland)

Windows users, UbuntuHeads — feel free to skip this post. But our internal stats suggest that a fair number of our readers are Mac users, and you all may be interested to know that Apple has just released Mac OS X 10.6.3, the third update to their Snow Leopard operating system.

Installation info and upgrade details after the jump:

Mac OS X users who have felt left out of the Kindle-syncing lovefest since Amazon rolled out Kindle for PC in November and Kindle for iPhone a little over a year ago have cause for rejoicing: as of last night, you can download Kindle for Mac for free, if you have OS X 10.5 or 10.6.