Mac OS High Sierra Flaw Allows Anyone To Gain Access To Your Mac

By / November 29, 2017 / Hot News, Shocking, Technology

Lemi Orhan Ergin, a Turkish software developer tweeted Apple to say he had discovered a flaw in its new operating system that allowed anyone could log in to a computer running MacOS High Sierra without a password.

 

 

Image Credit: Apple

However, Mr Ergin faced a backlash of criticism for apparently not following strict disclosure guidelines typically used by security professionals. The guidelines instruct security experts to alert companies of flaws in their products, giving them a reasonable amount of time to fix the issue, before going public with the claims.

A root user has access to more than a regular mac user, they have the ability to read and write files on other accounts on the same machine. This ‘super’ user has the potential to delete crucial system files, rendering the computer useless – or install malware that typical security software would find hard to detect.

This major issue needs to be dealt with swiftly by Apple as it now must scramble to put in a correction before the vulnerability can be exploited by criminals.

Image Credit: GETTY

Apple has said in a statement: “We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”

According to Prof Alan Woodward from the University of Surrey Cyber Security Centre, “Haste and security don’t make good bedfellows… They will need to be careful the patch doesn’t introduce some other problem as they’ve not had time to properly test it.”

 

Facebook Comments

About Author

HOTFEED

Back to Top