Just yesterday, we reported a serious bug in macOS High Sierra that enabled the root ‘superuser’ on a Mac with a blank password and no security check. Well, now Apple has fixed this bug.
It didn’t take long for Apple to patch macOS High Sierra flaw that let intruders gain full administrator access also known as root on your system. In a statement Apple told MacRumors, that company’s engineers began working on a fix as soon as the problem was discovered.
“The update will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused.”
Yesterday, it was revealed by security researchers from Synack that anyone can break into macOS High Sierra by a quite simple method. Anyone can easily type “root” as a username in High Sierra, leave the password field blank, click “unlock” twice, and you will gain full access as a ‘superuser’.
Apple has released Security Update 2017-001, which should prevent users from gaining control over another user’s Mac. It is highly recommended to update your macOS to remain protected from this bug.
macOS has already faced security vulnerabilities like this. A couple of months back, a bug made it possible for anyone to easily steal your password from Apple File System. Although its good to know that Apple has fixed the bug in no time, however, letting this bug in its OS in the first place shows the weakness of Apple’s developers.