Huge Apple security glitch gives ANYONE access to your Mac without a password by typing ‘root’ as the username: Here’s how to fix it
The security flaw was found by Turkish developer Lemi Ergin
He found access could be given to anyone by typing in the username ‘root’
The hacker then has to ‘enter’ a few times without putting in a password
He described it as a ‘huge security issue’, adding the result was ‘unbelievable’
By TIM COLLINS
DAILYMAIL.COM
29 November 2017
Apple is reportedly working to fix what has been called a ‘huge’ and ‘unbelievable’ security issue in the latest version of its Mac operating system.
The flaw could means anyone can log in to a computer running MacOS High Sierra without a password via system preferences, using the root user account.
Apple has advised its customers who may be affected to set a password for the device’s root user, which should stop people exploiting the vulnerability.
It has also now released a security update to address the issue, which users should download immediately.
Turkish software developer Lemi Orhan Ergin tweeted the tech giant to say he had discovered the bug.
In the tweet, he said: ‘Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra.
‘Anyone can login as ‘root’ with empty password after clicking on login button several times. Are you aware of it @Apple?’
He went on to say: ‘You can access it via System Preferences@Users & Groups@Click the lock to make changes.
‘Then use “root” with no password. And try it for several times. Result is unbelievable!’
Videos posted online show people in the users and groups box typing the username ‘root’ at the login screen, leaving the password field empty, and appearing to get unrestricted access to the machine.
The Rest…HERE
