A day after it was revealed that macOS High Sierra had a massive security problem that allowed unauthorized users to easily log into a Mac with admin access,The Pursuit of Lust Apple has released a patch for the bug.
SEE ALSO: Apple's 10 biggest screw-ups, rankedYesterday Twitter user Lemi Ergin publicly revealed that if a user types "root" into the User Name field that comes up when making changes to System Preferences, and then hitting enter, the user will gain root-user access. They'll also be able to log into the Mac anytime simply by going to "Other" at login and typing the "root" username again.
This Tweet is currently unavailable. It might be loading or has been removed.
The security flaw apparently only exists on macOS 10.13.0 or later. Apple quickly published a seven-step workaround for preventing anyone from taking control of a Mac this way, and now the company has released an official patch in a security update (download it here). You'll need to be running the latest version of High Sierra (10.13.1) to implement it.
The notes in the security update say it specifically addresses the flaw. As for the cause, the notes say, "a logic error existed in the validation of credentials. This was addressed with improved credential validation."
An Apple spokesperson told Mashable:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
Security problems and patches happen all the time, although they are rarely this egregious, or this easy to exploit. It's also just the latest high-profile software problem haunting Apple -- the company recently had to patch a bug on iPhones that would substitute the letter "i" with a strange "A[?]" character for some users.
Topics Apple Cybersecurity
This is the fattest of the extremely fat bears
The OLED Burn
That image of 'Overwatch' League cities going around isn't news
Apple buys automation app Workflow and makes it free
Whale Vomit Episode 5: Startup Monarchy
Confirmed: Nintendo Switch Joy
This 'Time' cover will give you a reality check about Trump's America
Drake has some new tattoos and, well, it's best if you just see for yourself
Amazon Prime Grubhub deal: Save $10 off orders of $20 or more
People are making fun of Airbnb's new Chinese name
'The Last of Us' Season 2, episode 5: The spores are here!
It only took us five minutes to find a big brand advertising on a hate group's YouTube
'Shots Fired' is the most vital show on TV right now
Lindsay Lohan's prank show sounds terrifying in the best way
Philips now allows customers to 3D print replacement parts
LinkedIn tries to make a smarter news feed with 'trending storylines'
Crush your soul with these children's books rewritten for a Trump presidency
Fossil unveils two new Android Wear 2.0 smartwatches for its Q line
'The Last of Us' Season 2, episode 5: The spores are here!
Mermaid, vampire and zombie emoji are coming to your iPhone in 2017
JD.com expands into embodied AI with focus on home applications · TechNodeSamsung and SK Hynix saw strong growth in China in 2024 as chip demand rose · TechNodeHuawei cracks down on recruitment corruption in outsourced hiring · TechNodemiHoYo founder’s AI game Whispers From The Star features realNVIDIA denies reports of splitting off China business into independent firm · TechNodeTranssion's Q1 net profit plunges nearly 70% yHuawei applies for trademarks on the Monkey King and other fictional figures · TechNodeHaier to launch “world's first lazy person washing machine" with tripleZeekr debuts first hybrid SUV to compete with RollsChina and EU resume negotiations on EV duties following Trump tariff hikes · TechNodeZeekr debuts first hybrid SUV to compete with RollsDeepSeek files patent for smarter, more efficient AI data collection · TechNodeChina approves 129 domestic online games in March, a new monthly high since 2023 · TechNodeAgiBot unveils Lingxi X2, an advanced humanoid robot with multimodal intelligence · TechNodeMicrosoft denies shutting down operations in China · TechNodeApple's iPhone 18 to feature TSMC’s 2nm chip next year · TechNodeHaier to launch “world's first lazy person washing machine" with tripleChina’s Xpeng to use own autonomous driving chip on par with Nvidia Thor: reports · TechNodeTikTok expands eAlibaba’s 1688 to eliminate “refund only” policy · TechNode Wordle today: The answer and hints for July 20 Apple AirPods Max hit an all Microsoft outage: CrowdStrike CEO apologizes for global outage What Mashable readers bought on Prime Day: 10 best sellers, most still on sale 'House of the Dragon' Season 2, episode 6: Did Alys Rivers kill Grover Tully? Best Prime Day bladeless fan deals: Shop Dyson deals and more NYT's The Mini crossword answers for July 20 Twitch drops Donald Trump's ban Billie Eilish, College Football 25, and 1,000 basketballs: YouTube videos to watch this week Best Prime Day 2024 robot vacuum deals still live Get 40% off an HP printer at Amazon Wordle today: The answer and hints for July 23 Prime exclusive deal: $50 off Govee floor lamp Google reveals Pixel 9 Pro and Pixel 9 Pro Fold in new videos Best Kindle Scribe deal: Save on the refurbished Kindle Scribe Amazon Prime members can save 15% on select Amazon Basics products Leftover Prime Day deal: Shokz OpenRun Pro are 31% off Best Theragun deal: Theragun Mini massage gun deal Plus, explore colors. Best Prime Day TV deals: Fire TVs, The Frame, cheap QLEDs
2.2821s , 8199.8046875 kb
Copyright © 2025 Powered by 【The Pursuit of Lust】,Inspiration Information Network