Apple releases fix for macOS High Sierra privilege escalation flaw

Yesterday on Twitter, developer Lemi Orhan Ergin informed Apple of a major vulnerability in macOS 10.13, also known as High Sierra. Ergin found that on systems in their default configurations, one could simply type "root" as a username in certain privilege-escalation dialogs, leave the password field blank, and then click "Unlock" repeatedly to gain superuser access. Today, Apple has rushed out a patch for the issue.

...

Read more...