macOS High Sierra has had its fair share of security controversies ever since Apple released it a few months ago. However, it seems we’re not done just yet. A new critical bug has been discovered by Turkish software developer Lemi Orhan Ergin. It essentially allows anyone with physical access to your Mac to obtain admin privileges simply by typing “root” in the username field and tapping the “unlock” button a few times. Yes, it’s serious.
For instance, if someone logs in as a guest and follows the trick, he or she can read or edit all the files, alter settings, delete other users: basically just about anything the owner could. The vulnerability currently affects only Macs running the latest High Sierra update. Hence, if you were hesitating to update, you probably should wait another month or so. While I personally couldn’t test it out, since it doesn’t affect every Mac and I was one of the lucky ones, a multitude of users and researchers have come forward on Twitter acknowledging the bug.
Just tested the apple root login bug. You can log in as root even after the machine was rebooted pic.twitter.com/fTHZ7nkcUp
— Amit Serper (@0xAmit) November 28, 2017
In a statement released hours ago, Apple confirmed the issue and said it will be issuing a temporary fix soon. A long-term patch will be released later. “We are working on a software update to address this issue,” added the Apple spokesperson.
How to Protect Your Mac From the High Sierra Root Bug
You can, however, still protect your computer by enabling an additional safeguard. To do that, open System Preferences and look for “Users & Groups”. Then click “Login Options” > Join > Open Directory Utility, and choose Edit in the menu bar. If the item is greyed out, make sure you’ve clicked the lock icon to authenticate. Turn on the Root User if you haven’t already; if you have, change the Root Password.
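The same protection can be applied from Terminal, which is handy if you have several Macs to check. The script below is an added example written for this article and is not Apple’s tooling or anything the original post provides. It assumes two things not stated above: that `dscl . -read /Users/root AuthenticationAuthority` prints the root account’s authentication record and that a root account disabled through Directory Utility carries the `;DisabledUser;` token in that record; and that `sudo passwd root` is the command-line equivalent of “Change Root Password”. The string-classification helper is pure shell, so it can be exercised with constructed input on any system; the live read only runs on macOS.

```shell
#!/bin/sh
# Added example (not from the original article): check whether the root
# account on a Mac is enabled, then set or change its password, which is the
# mitigation the article describes for the High Sierra root-login bug.
#
# Assumptions (not stated on the page):
#  - `dscl . -read /Users/root AuthenticationAuthority` prints the record.
#  - A root account disabled via Directory Utility / dsenableroot -d contains
#    the ";DisabledUser;" token in that record.
#  - `sudo passwd root` is the CLI equivalent of "Change Root Password".

# classify_auth_authority: map one AuthenticationAuthority line to a state.
# Pure string logic, so it runs with constructed input on any OS.
classify_auth_authority() {
    case "$1" in
        "")                 echo "unknown"  ;;   # nothing read (no permission, or no such key)
        *";DisabledUser;"*) echo "disabled" ;;   # root cannot log in: the safe state
        *)                  echo "enabled"  ;;   # root can log in; make sure it has a password
    esac
}

# root_state: read the live record on macOS and classify it; "unknown" elsewhere.
root_state() {
    if [ "$(uname)" != "Darwin" ]; then
        echo "unknown"
        return 0
    fi
    auth="$(dscl . -read /Users/root AuthenticationAuthority 2>/dev/null)" || auth=""
    classify_auth_authority "$auth"
}

# main: report the state and offer to set/change the root password.
# Rationale: a root account that is enabled although you never enabled it is a
# sign the empty-password trick was used on this machine, and either way a real
# root password closes the path the article describes.
main() {
    state="$(root_state)"
    case "$state" in
        disabled) echo "root is disabled. Setting a password anyway removes the empty-password path." ;;
        enabled)  echo "root is ENABLED. If you did not enable it yourself, assume the bug was triggered here." ;;
        *)        echo "Could not read the root record (not macOS, or insufficient permission)." ;;
    esac
    printf 'Set or change the root password now? [y/N] '
    read -r answer
    if [ "$answer" = "y" ]; then
        # passwd prompts interactively, so the new password never appears in argv.
        sudo passwd root
    fi
}

# Only act when explicitly asked, so sourcing the file for its helpers is harmless.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Run it as `sh root-check.sh --run` on the Mac in question. Apple’s pending update is still the real fix; this only makes sure the root account has a password in the meantime, as the Directory Utility steps above do.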
This isn’t the first time, as I mentioned, that High Sierra has been plagued by a critical loophole. On the day of its launch, people found that a piece of malicious code on the operating system could acquire the contents of its keychain without a password. Another was a bug that displayed the user’s password itself as the hint when they tried to unlock an encrypted partition. For a company that has predominantly excelled at protecting its users’ privacy, these revelations are indeed quite shocking.