MacOS High Sierra bug allows full admin access without a password

Audrey Hill
November 29, 2017

You can check your version of macOS by clicking on the Apple logo in the upper lefthand corner of your screen and clicking "About this Mac". For affected machines, a person can login to the administrator account by simply entering "root" as the username with no password.

By heading to your device's System Preferences, under Users & Groups, you can click on the lock and get hit with a prompt asking for a username and password to change settings.

Effectively, this issue renders any system running macOS High Sierra completely unsecured - as it doesn't just unlock the device, it gives Admin access.

The workaround right now according to the Twitterverse, is to set a root user password.

Lemi Orhan Ergin on Twitter:

From the account, you'll able to see everything on the Mac. However, if you've used the trick to unlock the Users and Groups already, you can use the same "root" trick to log back into the computer after you've logged out.

Apple did not immediately return a request for comment, but Apple's Twitter support account did reply to Ergin asking for more details. Even so, anyone running any version of High Sierra should take the utmost precaution with their systems until Apple sorts this entire mess out. We are now updating our machines and will report back. As a temporary fix, to prevent the bug from working, we suggest you enable a root account with a password.

As of now, it's unclear how something like this could have slipped past Apple and Apple tends to keep errors like this under wraps and doesn't disclose much about them.

More news: Designer creates Substitute Phone for when you can't flick off yourself
More news: Oh dear: Naya Rivera has been arrested for domestic battery
More news: Cowboys waive RB Darren McFadden, report says

Other reports by MaliBehiribAe

Discuss This Article