Skip to main content

Apple says fix incoming for macOS High Sierra root access bug

posted onNovember 29, 2017
by l33tdawg

In identical statements to The Loop's Jim Dalrymple and iMore's Rene Ritchie, Apple says it is crafting a patch for a major macOS High Sierra security hole that grants root level access to a logged-in Mac.

"We are working on a software update to address this issue," Apple said. "In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a black password is not set, please follow the instructions from the 'Change the root password' section."

Discovered earlier today, the flaw allows anyone to log in under a Mac's "root" System Administrator without the need for a password. In practice, the exploit merely requires access to System Preferences, and can be performed in a matter of seconds. Nefarious users can also exploit the bug to bypass a Mac's lock screen.

Source

Tags

Security Apple

You May Also Like

Recent News

Friday, December 15th

Thursday, December 14th

Wednesday, December 13th

Tuesday, December 12th