Updated:02:03 AM EST Dec 12


this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
submit news

FREE eBooks

REVIEWS
 
SOFTWARE
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
 
FORUMS
comments
hardware
software
off-topic
 
LINKS
 
SPONSORS:

Forex Brokers Reviewed



Booty Bingo

New Look Bingo

Mummies Bingo

M Jackpots

(C) 2006-2017 TechAmok
All Rights Reserved.


CONTACT
 
Major macOS High Sierra Bug Allows Full Admin Access Without Password - TechAmok

Major macOS High Sierra Bug Allows Full Admin Access Without Password - [security]
10:36 AM EST - Nov,29 2017 - post a comment

There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check. The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username "root" with no password. This works when attempting to access an administrator's account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

To replicate, follow these steps from any kind of Mac account, admin or guest:

1. Open System Preferences
2. Choose Users & Groups
3. Click the lock to make changes
4. Type "root" in the username field
5. Move the mouse to the Password field and click there, but leave it blank
6. Click unlock, and it should allow you full access to add a new administrator account.

At the login screen, you can also use the root trick to gain access to a Mac after the feature has been enabled in System Preferences. At the login screen, click "Other," and then enter "root" again with no password. This allows for admin-level access directly from the locked login screen, with the account able to see everything on the computer. It appears that this bug is present in the current version of macOS High Sierra, 10.13.1, and the macOS 10.13.2 beta that is in testing at the moment. It's not clear how such a significant bug got past Apple, but it's likely this is something that the company will immediately address.

Until the issue is fixed, you can enable a root account with a password to prevent the bug from working


Add your comment (free registrationrequired)

Short overview of recent news articles

Dec,12 2017 Bits Be Trippin' Mining on NVIDIA TITAN V
Dec,11 2017 Google Releases Tool To Help iPhone Hackers
Dec,11 2017 Bitcoin Futures Surge In First Day Of Trading
Dec,11 2017 The Walking Dead Overkills - Official Trailer
Dec,11 2017 YouTuber Nearly Dies in Very Dumb Head-in-Cement Microwave Stunt
Dec,11 2017 Top-Selling Handgun Safe Can Be Remotely Opened in Seconds without
Dec,11 2017 DAY 8: Madison Beer by Phil Poynter #LOVEADVENT2017
Dec,11 2017 DAY 7: Rita Ora by Rankin #LOVEADVENT2017
Dec,11 2017 DAY 6: Sara Sampaio by Phil Poynter #LOVEADVENT2017
Dec,09 2017 First Alita: Battle Angel Trailer is Here!
Dec,09 2017 THE TERROR Teaser Trailer NEW (2017) Drama TV Series HD
Dec,08 2017 GeForce Game Ready 388.59 WHQL drivers
Dec,08 2017 Nvidia launches $3,000 Titan V PC GPU based on Tesla V100
Dec,08 2017 US Develops Microwave Weapon That Could Destroy North Korean
Dec,08 2017 Microsoft Issues Emergency Update to their Malware Protection Engine
Dec,08 2017 Jurassic World: Fallen Kingdom - Official Trailer
Dec,08 2017 How small a hole can a mouse get through? Experiments.
Dec,08 2017 Republic Wireless Relay Is Walkie-Talkie Phone for Kids
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs