Today a serious security flaw was disclosed in macOS High Sierra, Apple’s latest operating system for the Mac. Exploiting it takes nothing more than entering the user name "root", leaving the password field blank, and clicking the login button a few times. That’s all it takes to log in to a Mac running High Sierra. Until Apple ships an update that fixes this security flaw, you’re going to want to follow the directions provided below.
Earlier today Software Craftsmanship Turkey founder Lemi Orhan Ergin reported the flaw to Apple, presumably immediately after discovering it. Oddly, the report was made on Twitter, right out in the open. While finding and reporting a flaw like this is important work, it is generally very important to report such a flaw to the software developer in private before making it public.
To see this exploit in action, have a peek at the instructions provided below by Ergin. All affected users should apply the fix as fast as possible. Apple is currently acting on the situation to find a fix right this minute.
You can access it via System Preferences > Users & Groups > Click the lock to make changes. Then use "root" with no password. And try it several times. The result is unbelievable! pic.twitter.com/m11qrEvECs
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
This vulnerability works over VNC / Apple Remote Desktop, too. So, everyone who ever left their device switched on and reachable over the internet without watching what’s going on… there are going to be some lessons learned. Hard lessons.
This exploit does not appear to work on any version of Apple’s macOS other than macOS High Sierra. For those users out there who have High Sierra in play, follow these instructions, straight from Apple:
Change the root password:
1. Choose Apple menu > System Preferences, then click Users & Groups (or Accounts).
2. Click the lock icon, then enter an administrator name and password.
3. Click Login Options.
4. Click Join (or Edit).
5. Click Open Directory Utility.
6. Click the lock icon in the Directory Utility window, then enter an administrator name and password.
7. From the menu bar in Directory Utility, choose Edit > Change Root Password…
8. Enter a root password when prompted.
Apple’s official word on the situation is that they’re currently working on a software update to “address this issue.” If you do not already have a root user enabled, you’ll have to head over to that same Apple Support page we’ve quoted above and enable the root user first, then set its password as described.
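For anyone who has to confirm across several Macs that the mitigation above was actually applied, here is an added example of a small audit script. It is not code from the article or from Apple. It assumes (this is an assumption about macOS, not something the article documents) that `dscl . -read /Users/root AuthenticationAuthority` prints an `AuthenticationAuthority:` line containing `;ShadowHash;` when root has a password hash, and prints `No such key: AuthenticationAuthority` when the root account has never been enabled. The classification is done on captured text so it can be exercised against constructed samples on any system.

```shell
#!/bin/sh
# Added example (not from the article or from Apple): check whether the root
# account on a Mac has a password hash set, i.e. whether the High Sierra
# mitigation (setting a root password) has been applied.
#
# Assumption about dscl output: a password-bearing root account shows an
# "AuthenticationAuthority:" line containing ";ShadowHash;", while a root
# account that was never enabled yields "No such key: AuthenticationAuthority".

# Classify one dscl result. The output is passed in as $1 so the logic can be
# tested offline against constructed samples.
root_auth_state() {
    case "$1" in
        *ShadowHash*)      echo "password-set" ;;
        *"No such key"*)   echo "disabled" ;;
        *)                 echo "unknown" ;;
    esac
}

# Run the real check when dscl exists (macOS); otherwise report that the
# audit was skipped. Exit status: 0 = root has a password, 1 = it does not
# or the state is unknown, 2 = skipped because dscl is not available.
audit_root() {
    if ! command -v dscl >/dev/null 2>&1; then
        echo "dscl not available; not macOS, audit skipped"
        return 2
    fi
    out=$(dscl . -read /Users/root AuthenticationAuthority 2>&1)
    state=$(root_auth_state "$out")
    echo "root account: $state"
    [ "$state" = "password-set" ]
}

# Constructed sample outputs (not captured from a real machine) so the
# classifier can be demonstrated on any system.
SAMPLE_SET='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'
SAMPLE_DISABLED='No such key: AuthenticationAuthority'

echo "sample (password set): $(root_auth_state "$SAMPLE_SET")"
echo "sample (disabled):     $(root_auth_state "$SAMPLE_DISABLED")"

if audit_root; then
    echo "OK: root password is set"
else
    echo "ATTENTION: audit did not confirm a root password (status $?)"
fi
```

Run it with `sh audit_root.sh` on each machine; a result of `disabled` or `unknown` means the Directory Utility steps above (or, equivalently, `sudo passwd root` from a terminal) have not been completed on that Mac. Note that a blank-password root account is what the flaw produces, so the goal of the audit is to see `password-set`, not `disabled`.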