MacOS High Sierra hackable by anyone typing the “root” word
The MacOS High Sierra software security flaw will make your jaw drop to the floor.
Considering Mac is the favourite amongst producers and musicians- take precaution for your precious material is at risk.
Naturally there are security flaws in software that open small windows for hackers to climb through.
However, in terms of the security flaw found in High Sierra there isn’t even a door and you don’t have to be a hacker to get inside.
Recently security researchers unearthed a bug that allows ANYONE to break into the operating system’s security protections using a method easier than child’s play.
It goes like this:
When hitting a prompt in High Sierra asking for a username and password before:
– Logging into a machine with multiple users
– Installing an application
– Changing settings
All that’s required is for you to type “root” as a username, leave the password blank and click ‘unlock’ a few times and voila- you have full access.
“We always see malware trying to escalate privileges and get root access,” says Patrick Wardle, a security researcher with Synack. “This is best, easiest way ever to get root, and Apple has handed it to them on a silver platter.”
18 hours after news of the bug went ‘viral,’ Apple announced a security update aimed at fixing High Sierra’s “root” flaw.
Before the patch was made available, other researchers confirmed that you could block the breach simply by setting up a password for the root user.
Interestingly, flaws could have been detected earlier if Apple offered a ‘bug bounty’ for information shared about security vulnerabilities in its software.
Here is a tweet showing how the bug works:
— patrick wardle (@patrickwardle) November 28, 2017
Nip the “root” in the bud and install the update for MacOS High Sierra.