High Sierra Bug Provides Full Root Access

The macOS High Sierra "root" login bug in action.

By heading to your device's System Preferences, under Users & Groups, you can click on the lock and get hit with a prompt asking for a username and password to change settings.

Here's everything you need to know about the bug, including who is affected by it and whether there is a fix yet. Press Return or click the Unlock button a few times - I've seen it both accept on the first try and require a couple of additional tries. In another lapse, Directory Utility lets you set the root password to blank - just leave both fields empty and click OK. And, as most security experts would attest, physical access will eventually trump any logical security you may have in place.

At the login screen, click "Other".

It is possible to mitigate the flaw, however, by setting a password for the root user in the Users & Groups preferences pane.

From the account, you'll be able to see everything on the Mac. This blocks the bug from creating another root account.

Business Insider was able to replicate the bug on Tuesday. We are now updating our machines and will report back.

Indeed, we tested this out on a Mac running 10.13.2 High Sierra - although it should work on the current 10.13.1 build - and it works quite easily.

Attackers with root privileges could turn off macOS security features such as FileVault disk encryption, install malware, and copy and delete data.

IBT reached out to Apple for comment regarding the discovery of the security vulnerability but did not receive a response at the time of publication. When the problem is exploited, the user is authenticated into a "System Administrator" account and is given full ability to view files and even reset or change passwords for pre-existing users on that machine.