7/5/2023 0 Comments Macos high sierra root![]() We are auditing our development processes to help prevent this from happening again. We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. “Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS. Apple has provided the following statement: Update: Apple will automatically roll out the update later today for everyone who is affected. This was addressed with improved credential validation,” Apple says. “A logic error existed in the validation of credentials. For hackers, it’s a great way to access your emails, personal data and more. It even works with a screen sharing session. CNET independently confirmed that you can log in on MacOS High Sierra with just the username 'root.' The username is the 'root' of all problems for Apples latest operating system. After that, you can see everything on the computer even if it’s not yours. Multiple persons at TechCrunch tested the flaw and could replicate it effortlessly. On the login screen or in the preference panel, you could bypass all security screens by entering the root username and no password. The security flaw affected all Macs running the latest version of High Sierra (at least version 10.13.1 - 17B48). ![]() But it shouldn’t have happened in the first place. ![]() ![]() Interestingly, the release notes say “install this update as soon as possible.” Apple has worked long hours to fix yesterday’s flaw as soon as possible. In order to install the update, open the Mac App Store and click on the “Updates” tab. This update fixes yesterday’s very concerning vulnerability that let anyone log into your Mac without your password. Apple has just released a security update for macOS High Sierra and you should update right now (Apple will automatically push the security patch later today). ![]()
0 Comments
Leave a Reply. |