A day after it was revealed that macOS High Sierra had a massive security problem that allowed unauthorized users to easily log into a Mac with admin access011 Archives Apple has released a patch for the bug.
SEE ALSO: Apple's 10 biggest screw-ups, rankedYesterday Twitter user Lemi Ergin publicly revealed that if a user types "root" into the User Name field that comes up when making changes to System Preferences, and then hitting enter, the user will gain root-user access. They'll also be able to log into the Mac anytime simply by going to "Other" at login and typing the "root" username again.
This Tweet is currently unavailable. It might be loading or has been removed.
The security flaw apparently only exists on macOS 10.13.0 or later. Apple quickly published a seven-step workaround for preventing anyone from taking control of a Mac this way, and now the company has released an official patch in a security update (download it here). You'll need to be running the latest version of High Sierra (10.13.1) to implement it.
The notes in the security update say it specifically addresses the flaw. As for the cause, the notes say, "a logic error existed in the validation of credentials. This was addressed with improved credential validation."
An Apple spokesperson told Mashable:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
Security problems and patches happen all the time, although they are rarely this egregious, or this easy to exploit. It's also just the latest high-profile software problem haunting Apple -- the company recently had to patch a bug on iPhones that would substitute the letter "i" with a strange "A[?]" character for some users.
Topics Apple Cybersecurity
NYT Connections Sports Edition hints and answers for May 19: Tips to solve Connections #238
Harry Potter Looks Different, and Other News by Sadie Stein
Our New Year’s Resolution: Spend More Time with the Kids by Dan Piepenbring
Makeovers by Sadie Stein
Hurricane Laura's impact lingered with nightmarish mosquito swarms
Anthony Cudahy
Timothy Leo Taranto’s illustrated author pun of F. Scott Fitzgerald
This Is Growing Up by Justin Alvarez
Best Hydro Flask deal: Save $10 on a 24
Recapping Dante: Canto 12, or A Concerned Parent Contacts the FCC by Alexander Aciman
SpaceX's Starlink will provide free satellite internet to families in Texas school district
The Ghost of Christmas Past by Sadie Stein
Timothy Leo Taranto’s illustrated author pun of F. Scott Fitzgerald
Amazing Headline Alert by Sadie Stein
Shop Owala's Memorial Day Sale for 30% off tumblers
Charmed, I’m Sure by Sadie Stein
Book News for January 13, 2014
Harry Potter Looks Different, and Other News by Sadie Stein
Useful or Little Known Android Features
Sadie Stein on Missed Connections
Glamorous teen applying flawless makeup is your new life coachBow down to Aurora, fluffy cat princess and IRL Snapchat filterApple acquires music company Platoon to bolster original musicAirbnb threatens legal action in New YorkThis Instagram artist's mock selfAre wool sneakers the future of footwear? Some investors think so.Jodie Whittaker will be returning for another season of 'Doctor Who'Behold, this gate sounds like the beginning of the 'Jurassic Park' themeApp claims to bring the family schedule all into one placeOnePlus is making a 5G phone, but it won't be cheapPatent shows AirPods may get biometric improvements, noise cancelingPantone's 2019 color of the year isn't just a pretty pinkLatest victims of a Photoshop battle are bored millennials at state fairThis cafe had the perfect response to a 1Alexandria OcasioXiaomi's next phone might have a 48Bow down to Aurora, fluffy cat princess and IRL Snapchat filterHow to make your Instagram 'Top Nine' for 2018Single mom wears a fake mustache so her son doesn't miss 'Donuts with Dad'Pantone's 2019 color of the year isn't just a pretty pink The Bizarre Beauty of Early Hand Practice Safe Selfies, and Other News I Know This Much Is True by Sadie Stein Defunct Magazines: How “Desert” Captured the Southwest Best projector deal: The Nebula by Anker Capsule II mini projector is down to $399.99 Here's what Hollywood writers are getting in their new deal We’re Bringing Back Our #ReadEverywhere Contest On the 10th anniversary of her son's death, Trayvon Martin's mother reflects on his life The Crossword Puzzle’s Simplest Pleasures Stanley Mouse and the Sixties Psych At the Beijing 2022 Winter Olympics, a robot is making the drinks How to clear cache on Chrome Teju Cole on Clubbing in Lagos A Day at an Upper West Side Bank Best air purifier deal: The Dyson Pure Humidify + Cool is 42% off at Amazon The Plum Tree on West 83rd Street F. W. Murnau’s Head Is Missing from His Grave How young women are facilitating and challenging feminist discourse on TikTok The Barbarism of Goebbels’s Diaries The Apple 35W Dual USB
2.3919s , 10106.890625 kb
Copyright © 2025 Powered by 【2011 Archives】,Exquisite Information Network