It leaves Mac users vulnerable…
A major flaw has been discovered in Apple’s macOS High Sierra operating system which allows anyone with physical access to a Mac to gain easy access, without having to put in a password.
A vulnerability in the way the operating system uses passwords means thats passwords can be bypassed by anyone relatively easily. The bug has been described by Edward Snowden as “really bad”.
Apple have confirmed that they’re working to fix the issue, and have issued a step-by-step guide for users to protect themselves in the meantime.
Basically, whenever a computer running macOS High Sierra asks a user to login, you can simply type “root” into the username and leave the password section blank. This should allow you to login initially, but if you just repeatedly press the login button will let you in, no matter how complicated your password is.
The issue was revealed on Twitter recently with a number of how profile people writing about it, including Edward Snowden. It’s unclear if Apple were aware of the bug prior to the revelations on Twitter.
Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
It’s expected the issue will be fixed quickly in the next update.
LISTEN: You Must Be Jokin’ with Conor Sketches | Tiger Woods loves Ger Loughnane and cosplaying as Charles LeClerc
