MacOS Root access password vulnerability. Are you affected? How to fix

November 29th, 2017
Yesterday a major security flaw was discovered in macOS High Sierra.

Update 30/11: This has now been patched by Apple. A support page for the patch, Security Update 2017-001, details Apple's response. The update is reported to cause issues with file sharing; Apple has released an additional fix for that as well.

To update your Mac, follow these steps

The vulnerability was discovered by Apple developer Lemi Ergin. It allows anyone with physical access to your machine to log in with full admin privileges, without a password. This isn’t a complicated hack, just a case of using root as the username and trying it with no password a couple of times.

First check if you are affected.

Only macOS High Sierra is vulnerable. To check if you are using High Sierra, do the following.

First, click on the Apple icon in the top left corner of your screen. From there, you can click 'About this Mac'.

You'll now see a window in the middle of your screen with information about the Mac you're using.

If this screen states you are using macOS High Sierra, you are affected by this vulnerability.

Try it yourself

You can replicate this by following these steps from any account on your Mac.

  • Open System Preferences
  • Choose Users & Groups
  • Click the lock to make changes
  • Type "root" in the username field
  • Move the mouse to the Password field and click there, but leave it blank
  • Click unlock, and it should allow you full access to add a new administrator account

The user account named "root" is a superuser with read and write privileges to more areas of the system, including files in other macOS user accounts. This account is not intended for routine use. Its privileges allow changes to files that are required by your Mac.

How to fix while Apple releases an update

A fix is currently being released by Apple. Until then, there are steps you can take to ensure your Mac remains secure.

To fix this vulnerability you need to disable the root password.

  1. Choose Apple menu then System Preferences
  2. Click Users & Groups (or Accounts).
  3. Click the lock icon, then enter an administrator name and password.
  4. Click Login Options.
  5. Click Join (or Edit).
  6. Click Open Directory Utility.
  7. Click the lock icon in the Directory Utility window, then enter an administrator name and password.
  8. From the menu bar in Directory Utility:
    • Choose Edit > Enable Root User, then enter the password that you want to use for the root user.
    • Or choose Edit > Disable Root User.
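
The version check and the root account check described above can also be done from Terminal. The script below is an added example, not part of the original post; its function names are hypothetical, and it assumes that `sw_vers -productVersion` reports High Sierra as 10.13.x and that `dscl . -read /Users/root Password` shows `Password: *` for a disabled root account.

```shell
#!/bin/sh
# Added example: report whether this Mac runs High Sierra and whether
# the root account is currently enabled.

# is_high_sierra VERSION -> succeeds if VERSION is 10.13 or 10.13.x
is_high_sierra() {
    case "$1" in
        10.13|10.13.*) return 0 ;;
        *) return 1 ;;
    esac
}

# root_state TEXT -> prints "disabled", "enabled" or "unknown"
# TEXT is the output of: dscl . -read /Users/root Password
# Assumption: "Password: *" means root is disabled; any other value
# (normally "********") means a password hash exists and root is enabled.
root_state() {
    value=$(printf '%s\n' "$1" | sed -n 's/^Password:[[:space:]]*//p' | head -n 1)
    case "$value" in
        '*') echo disabled ;;
        '')  echo unknown ;;
        *)   echo enabled ;;
    esac
}

# assess VERSION DSCL_TEXT -> one-line finding for this machine
assess() {
    state=$(root_state "$2")
    if is_high_sierra "$1"; then
        echo "REVIEW: macOS $1 is High Sierra, root account is $state; confirm Security Update 2017-001 is installed"
    else
        echo "OK: macOS $1 is not High Sierra, root account is $state"
    fi
}

# Query the local machine only when the macOS tools are present.
if command -v sw_vers >/dev/null 2>&1 && command -v dscl >/dev/null 2>&1; then
    assess "$(sw_vers -productVersion)" "$(dscl . -read /Users/root Password 2>/dev/null)"
fi
```

An "enabled" result on a High Sierra machine where nobody deliberately enabled root is worth following up, since the steps in "Try it yourself" leave the root account enabled.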

MacRumors has created a step-by-step guide on how to do this:

https://www.macrumors.com/how-to/temporarily-fix-macos-high-sierra-root-bug/

Alternatively, here's a quick video from Kyle Heath

If you need any advice, please get in touch. Apple machines are widely used throughout business now, and they have to be secured, patched and updated just like any other endpoint. At ATG we have been Apple experts for almost 30 years, so we understand what needs to be done to protect your business.