New security update fixes macOS root bug

 In Biz & IT, macOS high sierra, root, Tech
0

New security update fixes macOS root bug

Serving the Technologist for more than a decade. IT news, reviews, and analysis.

Enlarge (credit: Samuel Axon)

Yesterday we learned that Apple had made a serious security error in macOS—a bug that, under certain conditions, allowed anyone to log in as a system administrator on a Mac running High Sierra by simply typing in “root” as the username and leaving the password field blank. Apple says that vulnerability has now been fixed with a security update that became available for download this morning on the Mac App Store. Further, the update will automatically be applied to Macs running High Sierra 10.13.1 later today.

Apple’s brief notes for this security update (Security Update 2017-001) explain the bug by saying, “A logic error existed in the validation of credentials,” and claims the problem has been addressed “with improved credential validation.”

Apple shared the following statement with Ars:

Read 1 remaining paragraphs | Comments

Security Update 2017-001 fixes the “logic error” that led to the vulnerability.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt
Internet-paralyzing Mirai botnet comes roaring back with new strainBiz & IT, botnets, distributed denial of service attacks, Internet of Things, IoT, malware, Uncategorized
Comcast deleted net neutrality pledge the same day FCC announced repealBiz & IT, Comcast, net neutrality, paid prioritization, Policy