An urgent update to fill a security flaw in macOS

An urgent update to fill a security flaw in macOS

The root password bug is now fixed.

Photo credit: AFPPhoto credit: AFP

It is highly recommended to do the latest update for macOS High Sierra. This fixes the security flaw that allowed anyone to access the computer with administrator status. You just had to go through the system preferences panel, users and groups section, then type root in user name and leave the password field empty. Thus, the status of administrator was automatically granted.

It was thus possible to bypass the password which gives the right to modify the envy all the programs of the machine in question. Worse, from the home screen, if an Other account was available, the same operation unlocked the computer and allowed access to other users of the system. So far, the only workaround has been to give a password to the root account.

Apple publicly apologizes

Faced with the blunder, Apple immediately apologized via a press release: We deeply regret this error and apologize to all Mac users, both for providing a version including this vulnerability but also for the concern it caused. Our customers deserve better. The American brand has planned to install the patch automatically on all computers equipped with the latest version of macOS High Sierra, 10.13.1.

As a reminder, this is not the only flaw in the genre that affects the apple brand operating system. A bug discovered last month made it possible to display in clear all passwords for encrypted disks in APFS, the new Apple file system introduced on High Sierra and iOS 10.3, by simply clicking on Index. Instead of giving the previously recorded index, the computer gave the correct password directly.