Warning! Mac OSX High Sierra 10.13 Vulnerability

Description

A security flaw has been detected in Mac operating systems, High Sierra 10.13 or greater.  This vulnerability allows anyone to login to a Mac device and change administrative settings by typing in the username “root” with no password more details can be found in the links provided.

 

Systems at Risk

  • Currently, this vulnerability is only detected in users with a Mac operating system that has been upgraded to High Sierra 10.13 or greater.
  • Systems with local console access, such as shared usage computers in teaching or lab environments, where users of shared computers are not privileged with root access.
  • Systems with Apple Remote Desktop (ARD) enabled

Systems Not at Risk

  • Mac operating systems that are prior to 10.13
  • Systems using SSH (Secure Shell)

Recommended Actions

  1. High Sierra 10.13 or greater users: A possible fix is to create a root account, then set a password and leave it enabled.  Instructions can be found here: https://www.macrumors.com/how-to/temporarily-fix-macos-high-sierra-root-bug/
  • If you do not have the latest MacOS, do not upgrade to High Sierra 10.13 or greater until a patch is made available

More Information

https://www.macrumors.com/how-to/temporarily-fix-macos-high-sierra-root-bug/

 

https://www.theverge.com/2017/11/28/16711782/apple-macos-high-sierra-critical-password-security-flaw

 

http://www.pocket-lint.com/news/142980-macos-high-sierra-root-bug-allows-admin-access-without-a-password-who-is-affected-and-is-there-a-fix http://uk.businessinsider.com/macos-high-sierra-can-be-hacked-with-username-root-and-no-password-2017-11

 

Posted: 11/29/17 7:58 am
Last updated: 11/2/18 9:48 am
Event type: Informational
Current status: Resolved
Service Security Alert