Skip to content
This site uses cookies. By continuing to browse, you agree to the use of cookies. You can change your settings or learn more here.
Image: Christoph Dernbach DPA/PA Images

Apple trying to fix password bug that would allow anyone easily access a Mac

A web developer found the way to get around password protection on Apple’s latest Mac operating system.
Nov 29th 2017, 8:24 AM 11,420 45

APPLE HAS SAID that it is working to address a serious bug in the latest version of its Mac operating system, which would allow anyone to easily get around password protection.

The bug in the MacOS High Sierra gives the user access and administrative rights to the computer by typing the username “root”, leaving the password field blank and hitting enter a few times.

While it cannot be exploited remotely, the security flaw would let anyone access a Mac if it was left unattended or stolen.

The bug was found by Turkish developer Lemi Ergin, who faced criticism for not following responsible disclosure guidelines, BBC reported.

The flaw was also pointed out on Apple support forums over two weeks ago, but was suggested as a workaround to solve issues with the computer rather than as a security issue.

While it works to address this, Apple said that users could block people accessing their Macs in this way with a temporary fix.

The company said: “Setting a root password prevents unauthorised access to your Mac. To enable the root user and set a password, please follow the instructions here.

If a root user is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘change the root password’ section.

A new system update is expected to be rolled out soon that will protect computers from this issue.

Read: Here are the Paradise Paper highlights – and why they matter

Read: Apple and Google to be asked to appear before the PAC to explain their tax affairs

Send a tip to the author

Sean Murray


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a comment

    cancel reply
    Back to top