Home About Contact Advertise Our Sites: Billions of Bytes | Mobile Device Now | Apple Info Center
Apple Info Center
Home > Apple Info

Apple Issues Quick Fix for Mac Password Vulnerability
By Samantha Masunaga
Posted: November 30, 2017 9:53am PST

Apple Inc. said an update was now available to fix a security issue in its latest Mac operating system that enables people to log in to Mac computers without knowing the password.

The Cupertino, Calif., tech giant said Wednesday that as of 8 a.m., the update was available for download and that later in the day it will be automatically installed on all systems running the latest version of MacOS High Sierra.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of MacOS," the company said in a statement. "We are auditing our development processes to help prevent this from happening again."

A software developer unaffiliated with Apple publicized the problem Tuesday, saying people could log in to Apple computers running MacOS High Sierra by entering the user name "root" and no password, then clicking the login button several times.

The "root" user account is generally used by computer administrators and gives "read and write privileges to more areas of the system, including files in other MacOS user accounts," according to Apple.

The issue had been described online previously, including in the Apple Developer Forum earlier this month, but received more attention after Lemi Ergin, a Turkish software developer, tweeted about it Tuesday, asking Apple if it was aware of the "huge security issue."

In a Medium post published Wednesday, Ergin said staffers at a company he works for discovered the issue while trying to help a co-worker recover access to his local administrator account. The staffers used the flaw to recover the account and informed Apple about the problem last week, he said.

"I have no intention to harm Apple and Apple users," Ergin said in the post. "By posting the tweet, I just wanted to warn Apple and say 'there is a serious security issue in High Sierra, be aware of it and fix it.'"

Apple said in its statement that its security engineers became aware of the issue Tuesday afternoon and that the company "immediately began working on an update that closes the security hole."

© 2018 Los Angeles Times. Syndicated here under contract with YellowBrix, Inc. All rights reserved.

Tell Us What You Think



Information: About Us | Contact Us | How to Advertise
Services: Services for PR Pros (In partnership with NewsFactor)
Sunshine Policy Network Sites: Billions of Bytes | Mobile Device Now | Apple Info Center | Top Tech Wire
Apple Info Center
© Copyright 2018 Apple Info Center and Accuserve Tech Network. All rights reserved.