
Horrifying macOS Bug Lets Anyone Become Admin With No Password

A bug in the latest versions of macOS High Sierra lets anyone gain root access without a password: by repeatedly pressing a button in a System Preferences panel, a user can turn the normally disabled root account into an enabled root account with an empty password.

"We are working on a software update to address this issue," Apple said when reached for comment.

The bug is a local one, but should a vulnerable machine also have screen sharing turned on, it is reportedly exploitable remotely as well. Given the cartoonish extremity of the flaw, a fix will likely be available soon; changing the root password is the workaround for now. Even so, anyone running any version of High Sierra should take the utmost precaution with their systems until Apple sorts this entire mess out.

Many people have confirmed Ergin's discovery, and anyone running High Sierra can check it for themselves. Despite its alarming simplicity, The Verge is not reproducing the steps to bypass High Sierra's login screen here. "Imagine a locked door, but if you just keep trying the handle, it says 'oh well' and lets you in without a key," as one person put it on Twitter. (Apple maintains a bug bounty program, but it is invite-only.)

Currently, there is no official fix from Apple. Until one arrives, users can prevent an attacker from exploiting the bug by giving the root account a password of their own choosing. Do not simply disable the root account instead: the bug works precisely by enabling a disabled root account with an empty password, so disabling root puts the machine back into the vulnerable state. To set a root password:

1. Open System Preferences and choose Users & Groups.
2. Click the lock to make changes and enter an administrator name and password.
3. Click the Login Options button, then click Join (the network account server button).
4. Click Open Directory Utility.
5. Click the lock in the Directory Utility window, then enter an administrator name and password again.
6. From Directory Utility's Edit menu, choose Change Root Password (or Enable Root User if root has never been enabled) and set a strong password.

Once you've done that, the root account is password protected and your Mac should be safe from this particular bug.
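The steps above set the root password through the GUI. As an added example, not from the article or from Apple, the shell script below does the same job from the Terminal: it reads the root record's AuthenticationAuthority attribute with dscl, classifies the account state, and, when run with --apply on a Mac, hands off to dsenableroot to set a real root password. The dscl output strings it looks for ("No such key", ";DisabledUser;", ";ShadowHash;") and the function names are this script's assumptions; the decision logic is kept in plain functions so it can be exercised on any system without touching the machine.

```shell
#!/bin/sh
# Added example, not from the article or from Apple: report whether the root
# account on a High Sierra Mac is in a state the empty-password bug abuses,
# and optionally give root a real password with dsenableroot(8).
#
# Assumption (this script's, not the article's): the root record's
# AuthenticationAuthority attribute is absent ("No such key") while root has
# never been enabled, carries ";DisabledUser;" when explicitly disabled, and
# carries ";ShadowHash;..." once a password hash exists.

# Classify the text printed by `dscl . -read /Users/root AuthenticationAuthority`.
# Prints one of: disabled | enabled | unknown
root_state() {
  case "$1" in
    *"No such key"*|*DisabledUser*) echo disabled ;;
    *ShadowHash*)                   echo enabled ;;
    *)                              echo unknown ;;
  esac
}

# Decide what to do about a state. Prints the action rather than taking it,
# so the policy can be tested offline.
#   disabled -> set-password  (the bug turns a disabled root into root with an empty password)
#   enabled  -> set-password  (a hash exists, but the bug may have stored the hash of the
#                              empty password; it cannot be inspected here, so set a known one)
#   unknown  -> inspect       (unexpected dscl output; look before changing anything)
root_action() {
  case "$1" in
    disabled|enabled) echo set-password ;;
    *)                echo inspect ;;
  esac
}

# Read the live state on macOS and, with --apply, fix it.
harden_root() {
  [ "$(uname -s)" = Darwin ] || { echo "not macOS, nothing to check" >&2; return 1; }
  # dscl exits non-zero when the key is missing; keep both streams and the status.
  out=$(dscl . -read /Users/root AuthenticationAuthority 2>&1) || true
  state=$(root_state "$out")
  action=$(root_action "$state")
  echo "root account: $state -> $action"
  if [ "$action" = set-password ] && [ "${1:-}" = --apply ]; then
    # Without options, dsenableroot prompts for an admin name, the admin
    # password and the new root password. Never use `dsenableroot -d` here:
    # disabling root recreates the state the bug abuses.
    dsenableroot
  fi
}

# Only runs the live check on a Mac; `sh harden_root.sh` reports, `--apply` fixes.
[ "$(uname -s)" = Darwin ] && harden_root "${1:-}"
```

Running the script without --apply only prints the classification, which is the safe first step on a machine you do not administer; with --apply it defers to dsenableroot's interactive prompts rather than accepting passwords on the command line, where they would land in shell history.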