High Sierra flaw lets in anyone onto a Mac as admin

Apple is working on a software fix to the issue, but advises people to set a root password in the meantime to prevent unauthorized access

Victor Barreiro Jr.

@vbarreirojr

Published 2:55 PM, November 29, 2017

Updated 2:55 PM, November 29, 2017

MANILA, Philippines – A security flaw on the High Sierra version of Apple's Mac operating system can allow other people to gain administrative access to a computer running High Sierra.

The flaw lets anyone sign into a High Sierra computer by inputting "root" as a username and not inputting a password.

Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017

The security flaw was reported by a number of people posting on Twitter and Medium on Tuesday, November 28, with some researchers also adding this flaw can also be accessed remotely.

Apple spokesman Bill Evans told Bloomberg, meanwhile, that the company is “working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac.”

Users can also learn more about setting up a root password on this page. – Rappler.com

High Sierra flaw lets in anyone onto a Mac as admin

Victor Barreiro Jr.

Subscribe