Published: Wed, November 29, 2017
Science | By Cecil Little

There's a major security flaw in macOS that gives anyone admin access

There's a major security flaw in macOS that gives anyone admin access

If you have an Apple computer running the latest version of the company's software, macOS High Sierra, be warned: It might be possible for someone to quite easily get into your computer without your login credentials.

In the login field, type "root" as the username. And there's no security check, according to developer Lemi Ergin, who spotted the bug. It also allows for anyone to login to a machine even immediately after reboot.

List Of Samsung Smartphones To Receive Android Oreo Update Leaks Online
It preceded the Galaxy S8 by a month, although LG could not really take advantage of Samsung's delayed Galaxy S8 launch. The Galaxy S9, meanwhile, will have a regular rear-facing fingerprint sensor but positioned in a better location.


The vulnerability allows any person to access the administrator's account on an already unlocked Mac.

IBT reached out to Apple for comment regarding the discovery of the security vulnerability but did not receive a response at the time of publication. But given the cartoonish extremity of this bug, chances are a fix will be available soon.

Cumbria's Ben Stokes spotted at Heathrow heading to The Ashes in Australia
New Zealand Cricket (NZC) have confirmed they're aware of discussions between Stokes' management team and Canterbury Cricket. Stokes was released without charge after being detained following an alleged fight with two men outside a bar.


El Reg was able to replay the bug on our office Macs running High Sierra, which was released in September. We'll show you how to do that, but first let's talk about how this exploit works.

Security issues with your products are never a good thing and when you have a user publically Tweet about one, it makes you move. Click "Login Options", then click "Join", which appears next to the text "Network Account Server". They can change any users' password, allowing them to log in and access things like email and browser passwords.

CBS Cancels Jeremy Piven Show Amid Sexual Assault Allegations
Like so many other men in Hollywood , a collection of troubling sexual harassment allegations against Piven have surfaced. There is no word at present what will air in place of " Wisdom of the Crowd " on Sunday.


Click "Open Directory Utility" and a new window will open. Enter the administrator name and password. If you have a root account enabled and a password for it set, the above blank password trick will not work. We are now updating our machines and will report back. Then from the menu bar at the top of the screen, click on the "Edit" menu and choose "Enable Root User".

Like this: