Home > Security & Privacy
Macos High Sierra Bug Allows Full Admin Access Without A Password
AOL
November 29th, 2017 | 11:11 AM | 1505 views
ENGADGET.COM
But there's a relatively easy fix.
If you're using Apple's latest macOS High Sierra, you'll want to be wary of giving people access to your computer. Initially tweeted by developer Lemi Orhan Ergin, there's a super-easy exploit that can give anyone gain admin (or root) rights to your Mac. Engadget has confirmed that you can gain root access in the login screen, the System Preferences Users & Groups tab and File Vault with this method. All you need to do is enter "root" into the username field, leave the password blank, and hit Enter a few times. Needless to say, this is some scary stuff.
Root access allows someone to access your machine as a "superuser" with read and write privileges to many ore system files, including those in other macOS accounts. Luckily, the fix is fairly easy. As developer Colourmeamused tweeted, you need to set a root password:
Engadget has confirmed that this will secure your macOS High Sierra machine, and keep people from gaining root access as above. We've reached out to Apple and will update this post when we hear back.
Update, 5:30 PM ET: Apple provided a statement to Buzzfeed, saying that a software update was forthcoming to address this issue. It also notes how to set a root password to protect your computer in the meantime.
Source:
courtesy of ENGADGET
by Rob LeFebvre
If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]