MacOS High Sierra bug: blank password let anyone take control of a Mac

Samuel Gibbs and Matthew Weaver

from Technology | The Guardian on 2017-11-29 10:28 (#399XE)

Apple provides emergency fix for flaw that allows access to secure preferences with username 'root' and subsequent bypass of lock screen

A serious security flaw was found in the latest version of Apple's macOS High Sierra that could allow anyone to access locked settings on a Mac using the user name "root" and no password, and subsequently unlock the computer.

The security flaw, discovered a couple of weeks ago and disclosed in an Apple developer support forum, has been shown to work within the software's user preferences screen, among other locations. Once triggered, the same combination will also bypass the lock screen of Macs running Apple's latest operating system.

Source	RSS or Atom Feed
Feed Location	http://www.theguardian.com/technology/rss
Feed Title	Technology \| The Guardian
Feed Link	https://www.theguardian.com/us/technology
Feed Copyright	Guardian News and Media Limited or its affiliated companies. All rights reserved. 2024