Updating macOS High Sierra Could Reactivate Root Password Vulnerability

Apple patches macOS security hole, breaks file sharing

"Are you aware of it @Apple?" the user tweeted.

With the bug in the operating system, any person or malicious program that tried to log into a Mac computer, or install software, or even change settings, could do that by simply entering root as username on the prompt, and they were able to bypass the prompt to gain full access to the computer.

Apple found itself rather red-faced last week when it was discovered that the root account of macOS High Sierra was accessible without a password.

Apple's quick patch for the recently discovered "root" user bug can be undone by upgrading to macOS 10.13.1.

This has been an incredibly awful week for Apple's operating systems.

The solution is a simple one - but one that has not been made sufficient clear by Apple.

It is noted that remotely realize the vulnerability impossible - the attacker must still have direct access to your device. The previous version of the operating system didn't appear to be affected by the bug.

The company began working on an update to close the security loophole after hearing of the issue on November 29, to which Apple said that it has now patched that security flaw, along with a guide on how to fix it. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012.

In a Medium post today, Ergin today said his Twitter disclosure about the Mac bug was met with "many reactions like a blast".

Apple on Wednesday released an emergency patch that fixed an embarrassing login bug in its macOS 10.13.1 High Sierra operating system. "Never mind one from a security and privacy-conscious company such as Apple", Steve Troughton-Smith, a Mac software developer, wrote on Twitter. Anyone can log in as "root" with empty password after clicking on login button several times.

"Oh my god that should not work but it does", another user responded yesterday on the forum. While the security update is now available for download from Mac App Store, Apple said it will also be automatically installing the patch on all Macs running macOS High Sierra 10.13.1. When that happens, "Make sure to update your Macs and MacBooks at your earliest opportunity after it is released", he added.

Related News:



Most liked

Guardiola regrets Redmond rant after City victory
If they want to listen to me then I will do it. "It's not a problem". "I can only encourage him to carry on on this path". Never in my career, on or off the pitch, was I disrespectful about what they believe they have to do to beat me.

Francis Ngannou Knocks Alistair Overeem Stiff (UFC 218 Results)
The heavy handed fighter faced an experienced wrestler in Curtis Blaydes, and earned a win. If you blinked during UFC 218's co-main event in Detroit on Saturday, you missed it.

North Korea lambasts US-South joint military drill
Graham, a foreign policy hawk, said he has had extensive discussions with the Trump administration about the situation. Beijing has backed a slew of sanctions that include bans on imports of North Korean coal, iron ore and seafood.

Former Stanford swimmer Brock Turner information enchantment in intercourse assault case
Multhaup told CNN he had no further comment about "the unfairness of the conviction" beyond what was written in the appeal. Turner was convicted in March 2016 of three felony counts of sexual assault.

Patriots at Bills: Highlights, score and recap
The Patriots have turned to the Bills to fill several holes on their roster in recent years, with Lee the most recent example. Gronkowski drove his shoulder as he lay face down on the turf after the whistle and was penalized for unnecessary roughness.

Lou Williams scores 20 points as Clippers lose to Jazz
"He was being a fairweather ass fan", Rivers explained, during post-game comments obtained by Tomer Azarly of Clutch Points . Rivers described the fan and his disloyal behavior with this statement.

2.0 postponed to release in April
As per the latest reports, 2.0 will release in April, whereas Kaala will hit the screens during the Independence day weekend. Now, the makers on December 2, announced that the Rajinikanth and Akshay starrer will release on 27th April, 2018.

Pelicans star injures groin, likely out Sunday (AEDT)
Minnesota responded by finishing the half on a 17-6 run to take a 62-49 lead into the halftime locker room. It's possible Davis previously injured himself on this play, though.

Pamela Anderson Will Not Apologize for Alleged Victim Blaming
My position isn't "hazardous" in light of the fact that I doesn't fall in accordance with the regular group or pattern. Refer people to my blog and long standing commitment to defending the vulnerable. "I am also an advocate for men".

Defense Ministry: North's Hwasong-15 Assessed to be ICBM-Grade
Charles, Mo., on November 29, President Trump referred to North Korean leader Kim Jong Un as "Little Rocket Man" and "sick puppy". The claim was not proven and experts have cast doubt on the country's ability to master such technology.

Grace has made it to the final two!
Rak-Su closed the first round of performances by singing their original song "Mamacita" for the second time in the competition. Simon said: "I want to say first of all congratulations to Grace who is really an outstanding artist".

Federal Bureau of Investigation official removed from probe for anti-Donald Trump remarks
Newsweek could not reach Strzok or Page through the Federal Bureau of Investigation press office on Saturday. The Post reported it "has repeatedly sought comment from Strzok and Page, but got no response".

Canada's unemployment rate hits lowest level since 2008
That rate is the country's lowest since February 2008, months before the Great Recession took its toll on the economy. Stephen Poloz to hold off before introducing another hike, although they say it's getting harder for him to do so.

Get local help with your Google Assistant
The eBay listing says there is only a limited quantity of the triple pack viable, so make sure you snap one up before they all go. Depending on which music you are playing, or your luck, your Google Home Mini might crash and reboot unceremoniously.

SEC Championship Game Prediction Georgia-Auburn
For just the seventh time in the 26-year history of the SEC championship game, the teams also met during the regular season. Georgia needs to establish the running game with Nick Chubb and Sony Michel to avoid putting too much pressure on Fromm.