You are here Home » Apple » MacOS High Sierra ships without root password, simply enter root username and click Ok

MacOS High Sierra ships without root password, simply enter root username and click Ok

by Felix Omondi
MacOS High Sierra

Well, this is very embarrassing for Apple, a globally acclaimed technology devices and solutions company. Apparently, its laptops running MacOS High Sierra are very vulnerable, and it doesn’t take some serious hacking skills, just simply type in root under root password and hit ‘Ok’ button (sometimes more than once), and voila, you are in with full admin access.

Yes, that is right! Put in username as root then hit the ok button, and you get logged in with full admin access. No password needed! From there you can do pretty much anything you want with your full admin access privileges. That include ability to change the password for other user accounts on that computer, and any other mischiefs your heart desires.

This vulnerability was unearthed by Lemi Orhan Ergin, a Turkish developer, who says you might need to click Ok button a couple of times, but eventually you do log in without a password. Word has it that multiple other people have tried the same, and in all cases they were able to get into root admin login without ever putting a password.

There has been no official communication regarding the matter. As you would imagine, they (Apple) are getting a lot of calls, emails, social media call outs over the matter. To say that Apple is currently in a crisis meeting and grilling the ‘locksmith department’ won’t be too far fetch.

As a user, how do you protect yourself?

As we wait for security update from Apple to fix the matter, you, as a Mac computer user, should take hasty steps towards securing your computer. MS Power User recommends you assign a root password ASAP.

Go to System Preferences > User Groups and follow the instructions below:

Open Directory Utility

Click the lock symbol to make changes, log in as admin

Click Edit > Enable Root User

Click Edit > Change Root Password

Set a password.

You may also like

1 comment

Viktor Navarro December 11, 2017 - 6:51 am

Not something I would consider a problem, more of a catastrophe. i mean, how can a killer issue like that slip past the developers from a giant company like Apple?
It’s memetic levels of fail.

Comments are closed.