Login as root on MacOs High Sierra — security vulnerability

Who is vulnerable?

Everyone who haven’t disabled the guest user account and didn’t change the default root password in MacOs High Sierra.

How can i test this issue on my Mac?

Just try to login to your Mac using root as username and leave the password field blank. If you’re (un)lucky, you’ll can login to the system as root after pressing the login button several times. The same issue could be tested in System Preferences > Users & Groups after enabling edits. Try to login as root user with a blank password:

How can i prevent my system to be hacked?

If you can’t wait for an official fix, you can use some workarounds to keep your system safe:

UPDATES:

Apple has already fixed this issue. Here you can find a very interesting article that explains in depth the causes of the vulnerability: https://objective-see.com/blog/blog_0x24.html.

--

--

Full stack developer — CEO @ LuckySeven. In love with technology, my mission is to learn something new every day!

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alberto Fecchi

Alberto Fecchi

Full stack developer — CEO @ LuckySeven. In love with technology, my mission is to learn something new every day!