A day after it was revealed that macOS High Sierra had a massive security problem that allowed unauthorized users to easily log into a Mac with admin access010 Archives Apple has released a patch for the bug.
SEE ALSO: Apple's 10 biggest screw-ups, rankedYesterday Twitter user Lemi Ergin publicly revealed that if a user types "root" into the User Name field that comes up when making changes to System Preferences, and then hitting enter, the user will gain root-user access. They'll also be able to log into the Mac anytime simply by going to "Other" at login and typing the "root" username again.
This Tweet is currently unavailable. It might be loading or has been removed.
The security flaw apparently only exists on macOS 10.13.0 or later. Apple quickly published a seven-step workaround for preventing anyone from taking control of a Mac this way, and now the company has released an official patch in a security update (download it here). You'll need to be running the latest version of High Sierra (10.13.1) to implement it.
The notes in the security update say it specifically addresses the flaw. As for the cause, the notes say, "a logic error existed in the validation of credentials. This was addressed with improved credential validation."
An Apple spokesperson told Mashable:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
Security problems and patches happen all the time, although they are rarely this egregious, or this easy to exploit. It's also just the latest high-profile software problem haunting Apple -- the company recently had to patch a bug on iPhones that would substitute the letter "i" with a strange "A[?]" character for some users.
Topics Apple Cybersecurity
5 Ways to Access a Locked Windows Account
Uber driver creepily livestreams videos of his passengers on Twitch
Simon Pegg on how sci
The best trailers from Comic Con 2018, ranked
Samsung Unpacked stream is set for May 12, 2025
Twitter CEO responds to mountains of criticism from The New York Times
Scientists won't need to dig far to find signs of life on Jupiter's moon Europa
Report: HomePod will be able to set multiple timers this fall
10 Tech Predictions for 2017
WhatsApp tries to stop messages from going viral to fight fake news
NYT Connections Sports Edition hints and answers for May 18: Tips to solve Connections #237
A comprehensive guide to Nick Jonas' career thus far
'Buffy the Vampire Slayer' reboot in the works, focused on diversity
Samsung's upcoming wireless charger can charge two devices at once
Robin Triumphant
Simon Pegg on how sci
Space photos show the UK turned from green to brown by heat waves
11 noteworthy Instagram posts from the past week
This fat bear's before and after photos are stunning
'Spider
How refugee parents use Facebook and WhatsApp to teach kids new skillsUber just released the ultimate millennial credit cardFoldable smartphones that open up into tablets are destined to flop'Stranger Things 2': What happened to Barb?'Blue Planet II' clip shows fish jumping out of water to swallow birdsFinally, Twitter forbids Russia Today, Sputnik from advertising'Stranger Things' is strange, but the real world is much strangerBaseball player George Springer's mission to empower kids who stutterPope Francis talks to astronauts on the International Space StationWaymo will test its selfApple's TV shows won't have violence or nudityIt's important to know what kind of boss you should work forApple's new macOS beta release adds hundreds of new emoji'Jane the Virgin' companion novel 'Snow Falling': Read an excerptGoogle Pixelbook review: $1,000 gets you the best ChromebookHands on Epson and DJI's drone Augmented Reality Flight SimulatorTeaching kids about sex ed is important for preventing sexual violencePeople are excited about the iPhone X, but might not actually buy oneAre your Slack Direct Messages really private? Here's how to find out.'Stranger Things 2' is up on Netflix and there have been some strong Twitter reactions Beijing forbids generative AI in online medical prescriptions · TechNode HoYoverse introduces new trailer for Zenless Zone Zero at Gamescom 2023 · TechNode East Buy to join Taobao Live in an effort to expand consumer base: report · TechNode Realme unveils GT5, an affordable smartphone with 24GB RAM · TechNode TME's Q2 revenue rises 5.5% despite weakened live streaming services · TechNode Xiaomi to use CALB and CATL batteries for new EV · TechNode ByteDance’s domestic revenue growth slows, while overseas revenue surges · TechNode iFlytek unveils updated LLM SparkDesk V2.0 and new product iFlyCode 1.0 · TechNode Honkai: Star Rail’s global revenue exceeds $500 million · TechNode Huawei Mate 60 series may feature pioneering satellite ByteDance’s subsidiary tests its AI robot Doubao · TechNode BYD reportedly in talks to build first joint battery plant in South Korea · TechNode Foxconn to make chip substrates for Nvidia’s HGX AI servers · TechNode iFlytek poised to launch GPT Tencent to launch AI model later this year, says it’s among China’s best · TechNode BYD turns to develop its own self Apple to expand production of M2 chip Baidu integrates three new plug Shein takes 1/3 stake in Forever 21 operator Sparc Group · TechNode China’s Hozon to start operations at a new EV parts plant in September · TechNode
2.608s , 8198.109375 kb
Copyright © 2025 Powered by 【2010 Archives】,Unobstructed Information Network