There’s a bug in Apple’s most recent operating system

(Photo credit should read ROBYN BECK/AFP/Getty Images)

There’s a flaw in Apple’s newest computer operating system that allows someone to gain administrative capabilities without a password.

The flaw, discovered by developer Lemi Orhan Ergan and his colleagues, affects macOS High Sierra. To exploit the vulnerability, someone with access to the computer can type “root” and no password in the Users & Groups section of System Preferences.

This gives root access to the computer — meaning a person could operate the device as if they were an administrator and could download malicious software or otherwise compromise the computer.

“We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac,” an Apple spokesperson said in a statement. You can follow the instructions¬†here.

“If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section,” Apple said.

People across the web have been able to duplicate this bug.

The flaw requires physical access for most people, but could work remotely if the user has Remote Desktop enabled. It’s a good idea, as always, to keep your machine in your own possession.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s