
Major Vulnerability Reported in High Sierra

Yesterday morning, a researcher named Lemi Ergin disclosed a major bug in macOS High Sierra. On Twitter, he reported that when making changes to Users and Groups preferences, a login prompt appears. By typing in “root” with no password and clicking “Unlock” multiple times, the system automatically authenticates you.

What We Know about the High Sierra Bug

You can trigger this bug with the following steps, according to MacRumors:

1. Open System Preferences
2. Choose Users & Groups
3. Click the lock to make changes
4. Type “root” in the username field
5. Move the mouse to the Password field and click there, but leave it blank
6. Click unlock, and it should allow you full access to add a new administrator account.

This works with any kind of account, including guest accounts. Reportedly, you can even trigger this bug on a locked Mac by using the same credentials.

The current release of High Sierra, 10.13.1, and the current beta are affected. This attack does not work if the user has already password-protected the root account.
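The check an administrator would want at this point, added here as an example and not part of the original post: given the installed release and the root account's directory record, decide whether a Mac is in the exposed state the post describes (an affected 10.13 release with a root account that has no password set). The logic takes both inputs as text so it can be exercised anywhere; on a Mac the real inputs come from `sw_vers -productVersion` and `dscl . -read /Users/root AuthenticationAuthority`. The version boundary (10.13.1 and earlier treated as affected, later patch releases as fixed), the use of a `;ShadowHash;` token as the marker of a stored root password, and the sample dscl output are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): a defender-side exposure check
# for the High Sierra blank-root-password bug. Two conditions are evaluated
# from text normally produced by macOS tools:
#   1. the installed release      (output of `sw_vers -productVersion`)
#   2. whether root has a password (output of
#      `dscl . -read /Users/root AuthenticationAuthority`)
# Both are passed in as strings so the logic runs on any POSIX shell with
# constructed samples; the comment in main() shows the live invocation.

# Returns 0 when the release is one the post names as affected: 10.13.x up to
# and including 10.13.1. Assumption: a later 10.13 patch release carries the fix.
release_is_affected() {
    ver=$1
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.} ;;   # "10.13.1" -> patch component present
        *)   patch=0 ;;            # "10.13" has no patch component
    esac
    patch=${patch%%.*}             # ignore any fourth component
    case "$major.$minor.$patch" in
        *[!0-9.]*) return 2 ;;     # not a numeric version string
    esac
    [ "$major" -eq 10 ] && [ "$minor" -eq 13 ] && [ "$patch" -le 1 ]
}

# Returns 0 when the AuthenticationAuthority text shows no stored password.
# Assumption: a password-protected account carries a ";ShadowHash;" token;
# a missing key ("No such key") or a value without that token means none is set.
root_lacks_password() {
    case $1 in
        *";ShadowHash;"*) return 1 ;;
        *)                return 0 ;;
    esac
}

# Combines both inputs, prints a verdict, and returns 0 only when exposed.
assess_exposure() {
    version=$1
    auth=$2
    if ! release_is_affected "$version"; then
        echo "release $version: not an affected 10.13 release"
        return 1
    fi
    if root_lacks_password "$auth"; then
        echo "release $version, root has no password: EXPOSED, install Apple's update"
        return 0
    fi
    echo "release $version, root is password-protected: mitigated, still install the update"
    return 1
}

# Constructed sample inputs (not captured from a real system).
SAMPLE_VERSION="10.13.1"
SAMPLE_AUTH_UNSET="No such key: AuthenticationAuthority"
SAMPLE_AUTH_SET="AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2> ;Kerberosv5;;root@LKDC:SHA1.EXAMPLE;LKDC:SHA1.EXAMPLE"

main() {
    # On a Mac, replace the samples with the live values:
    #   assess_exposure "$(sw_vers -productVersion)" \
    #                   "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)"
    assess_exposure "$SAMPLE_VERSION" "$SAMPLE_AUTH_UNSET" || true
    assess_exposure "$SAMPLE_VERSION" "$SAMPLE_AUTH_SET"   || true
    assess_exposure "10.13.2"         "$SAMPLE_AUTH_UNSET" || true
}

main
```

The script deliberately treats "not affected" and "mitigated" as separate verdicts: a root password blocks this particular trick, but the fix itself is the update, so the second verdict still tells the operator to install it.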

Apple’s Official Response

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

Update: Apple officially released a security patch earlier today.

About Secure Compliance Solutions LLC

Secure Compliance Solutions LLC (SCS) provides a wide range of cybersecurity consulting and managed security services to small and medium-sized businesses (SMB) and government agencies, fortifying their Information Security and Data Privacy programs. SCS works with its clients to tailor and implement industry-proven frameworks and standards to meet compliance goals and drive consistent security operations. We raise awareness of current security trends and risks to prepare personnel to recognize and defend against potential security issues. We implement technical solutions and controls to minimize data risks and liabilities. Our Managed Security Service provides “constant watch” against both internal and external cyber threats and attacks. At SCS, we promote a strategy of readiness and resilience that facilitates business risk mitigation and enables dynamic response capabilities to keep your business up and running.