Technology

Major Apple security flaw grants admin access on macOS High Sierra without password

todayNovember 29, 2017

Background
share close

There seems to be a major flaw in Apple’s macOS High Sierra operating system that allows anyone with physical access to a Mac to gain system administrator access without so much as entering a password.

The vulnerability was publicly disclosed on Twitter this afternoon; it’s not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered. (The company maintains an invite-only bug bounty program.) Despite its incredibly alarming simplicity, The Verge is not reproducing the steps to bypass High Sierra’s login screen here.

However, The Verge has been able to confirm the major security issue remains present as of MacOS 10.13.1, the current release of High Sierra. When the problem is exploited, the user is authenticated into a “System Administrator” account and is given full ability to view files and even reset or change passwords for pre-existing users on that machine. Apple ID email addresses tied to users on the Mac can be removed and altered, as well. There are likely many more ways that someone taking advantage of the issue could wreak havoc on a Mac desktop or laptop.

The level of unbridled access this security hole permits — and it abruptly being made public — will almost certainly prompt Apple to move fast in releasing an update for its Mac operating system.

Until that happens, the best way to protect your Mac against the issue reported today is by ensuring that you’ve set a root password. To do that, go to System Preferences > Users & Groups > Login Options > Join > Open Directory Utility > Edit. Enable the Root User if you haven’t already and then choose Change Root Password. (Thanks, dyavuz!)

The Verge has reached out to Apple for further details.

 

Source: theverge.com

Written by: New Generation Radio

Rate it

Previous post

Music

Grammys 2018: See the Complete List of Nominees

2018 Grammy nominations are here! On Tuesday (Nov. 28), Andra Day revealed the Big 4 categories -- best new artist, record of the year, song of the year, and album of the year -- live on CBS This Morning, and shortly thereafter, the Recording Academy announced the nominees in all 84 categories. JAY-Z leads the pack with eight nominations this year, including nods for album of the year, record of the year, […]

todayNovember 28, 2017

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *


[wpens_easy_newsletter firstname="no" lastname="no" button_text="Εγγραφή"]

ΕΠΙΚΟΙΝΩΝΙΑ

0%