- Macos high sierra root bug how to#
- Macos high sierra root bug update#
- Macos high sierra root bug Patch#
Macos high sierra root bug update#
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Commenting further, Apple issued an apology and told TechPP, “ Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS. Update: Apple has rolled out a security update for fixing the found bug. For a company who has predominantly excelled at protecting its user’s privacy, these revelations are indeed quite shocking. Another one was when a bug displayed the user’s password itself as the hint when they tried to unlock an encrypted partition. On the day of its launch, people found a piece of malicious code on the operating system which was capable of acquiring the contents of its keychain without a password. This isn’t the first time, as I mentioned, High Sierra has been plagued by a critical loophole. Turn on the Root User if you haven’t already and if you have, change the Root Password. If the item is disabled, make sure you’ve clicked the lock icon for authentication. Then, tap “Login Options” > Join > Open Directory Utility > Edit in the menu bar. To do that, head over to System Preferences and look for “User & Groups”. You can, however, still protect your computer by enabling an additional layer of setting.
Macos high sierra root bug how to#
How to Protect Your Mac From the High Sierra Root Bug “ We are working on a software update to address this issue,” added the Apple spokesperson.
Macos high sierra root bug Patch#
Long-term patch will be released sometime later. In a statement released hours ago, Apple has confirmed the issue and will be issuing a temporary fix soon. You can log in as root even after the machi was rebooted /fTHZ7nkcUp
While I personally couldn’t test it out since it doesn’t affect every Mac and I was one of the lucky ones, a multitude of users and researchers have come forward on Twitter acknowledging the bug.
Hence, if you were hesitating to update, you probably should wait for another month or so. The vulnerability currently affects only Macs running on the latest High Sierra update. Therefore, for instance, if someone enters the guest mode and follows the trick, he or she can read or edit all the files, alter settings, delete other users, basically just about anything the owner could. It essentially allows anyone with physical access to your Mac, obtain admin privileges by simply typing “root” in the username field and tapping the “unlock” button a bunch of times.
A new critical bug has been discovered by Turkish software developer Lemi Orhan Ergin. However, it seems like we’re not done just yet. MacOS High Sierra has had its fair share of security controversies ever since Apple made it public a few months ago.