« July 2017 | Main

Wednesday, November 29, 2017

MacOS High Sierra Root Exploit

Turkish software developer Lemi Orhan Ergin has discovered a very serious flaw in the latest macOS, High Sierra that allows anyone with local (and/or possibly, remote) access to the machine to log in as the “root” user without supplying a password. Until Apple patches this flaw you must change the root account’s password NOW. Open up a Terminal (in the Spotlight search box just type “terminal”) and type “sudo passwd root”.

Note that disabling the root account does not fix the problem because the exploit actually causes the account to be re-enabled.

Posted by Matthew Carrick at 10:30.20 AM EST | Permanent Link
| Categories: All Things Mac, Best Practices, Security Alerts
Archives

Archive Index
Categories
Adobe
Adware/Spyware
All Things Mac
Alternative Apps
Android
Best Practices
Bluetooth
Cloud Computing
Concepts
Eudora Email
Firefox Extensions
Google Chrome
Hardware Innovations
Hardware Recalls
Headlines
Instant Messaging
Internet Explorer
Java
Mac Safari Browser
Malware
Mobile
Mozilla Firefox
Mozilla Thunderbird
Online Apps
Openoffice.org
Open Source
Opera
Penelope Email
Physical Security
Privacy Issues
Query
RSS Applications
Security Alerts
Software Tools
Technology
TPDBP
Viruses-Trojans-Worms