Updating macOS can bring back the nasty "root" security bug

Share

Furthermore, however, the root security fix doesn't reinstall as seamlessly for those who are installing again after updating their machine to macOS 10.13.1. However, the company has not yet provided any definitive date for the next software update. "Are you aware of it @Apple?" his tweet said. "Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra".

Numerous users have confirmed to Wired that Apple's hastily rolled out bug fix is far from flawless itself.

This has been an incredibly awful week for Apple's operating systems.

Why NatWest is closing its Gorleston High Street branch
Our contact centres are open 24/7 and teams are trained to answer nearly every query at first point of contact. A spate of bank closures have been announced across the Peterborough area. .

Forbes writer Thomas Fox-Brewster wrote yesterday that the bug "may go down as one of the most embarrassing vulnerabilities in Apple history". However, if your device is running the 10.13.2 beta, you will likely have to wait until the next build is released.

The serious vulnerability has been identified as CVE-2017-13872, which has been fixed by Apple through Security Update 2017-001 for macOS 10.13.1 on Wednesday. "In the meantime, setting a root password prevents unauthorized access to your Mac".

Affected users can change their root password as a fix in the meantime.

Auto prices hit record high, but USA automakers see mixed November sales
But at GM, sales fell to 245,387 vehicles, down 2.9 percent and falling far short of Edmunds' forecast for a 1.8 percent gain. Ford said Explorer deliveries jumped 25 percent, while the F-Series truck line had its best November since 2001.

"If the root user is already active, you need to make sure that the password is not empty", added Apple. Reportedly, users who had "not yet upgraded their operating system from the original version of High Sierra 10.13.0, to the most recent version 10.13.1, but had downloaded the patch, say the "root" bug reappears when they install the most recent macOS system update".

While Ergin's disclosure has received widespread attention, the bug was actually reported earlier this month in a Apple Developer Forum thread about macOS High Sierra. The flaw allowed a user to gain admin access to the PC without the owner's password just by using "root" as the user name and clicking the unlock button two times to get in. "This is really REALLY bad".

Several experts have lambasted Apple for allowing the vulnerability in the first place.

Hafiz Saeed's JuD to contest 2018 general elections in Pakistan
Nine of the Mumbai attackers were killed by police while lone survivor Ajmal Kasab was caught and executed after a trial. Saeed has also accused India of putting up baseless claims against him. "This had been done to harm the Kashmir cause".

Share