Apple High Sierra Bug Lets Anyone Log Into Your MacBook/iMac

A major flaw has been discovered in Apple’s macOS High Sierra operating system that allows anyone to log into your MacBook or iMac and gain administrator access without knowing the password.

The bug, discovered by Turkish developer Lemi Ergin, involves simply entering the word “root” into the username field on the login screen and leaving the password field blank.

Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?

— Lemi Orhan Ergin (@lemiorhan) November 28, 2017

Ergin then found that if you pressed “Enter” a number of times it would automatically log you in giving you completely unrestricted access to the machine as well as administrator privileges.

Just tested the apple root login bug. You can log in as root even after the machi was rebooted http://pic.twitter.com/fTHZ7nkcUp

— Amit Serper (@0xAmit) November 28, 2017

According to security experts the flaw only affects machines that are running the latest version of Apple’s operating system called High Sierra.

If you are running Sierra then this does not affect your machine and the advice is to almost certainly not update your MacBook or iMac until Apple issues an update.

Some experts are reporting that there is a temporary fix, however it requires some technical understanding of the machine and is not exactly practical for the vast majority of users out there.

from HuffPost UK - Athena2 - All Entries (Public) http://ift.tt/2iilyLB
via IFTTT