Apple seems to have left open a huge security flaw in its newest operating system for MacBook and iMac models. MacOS High Sierra, which was introduced at WWDC 207 conference earlier this year, is reportedly letting anyone login to the PC without feeding the password of the account holder.
This massive flaw was revealed by a user on Twitter “Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple?,” tweeted a user named @lemiorhan.
It is said that users would simply have to login as ‘root’ and leave the password field blank followed by pressing enter. This will simply let him/her to access the PC without adding a single string of code.
Buzzfeed’s John Paczkowski got in touch with Apple regarding this security loophole. The Cupertino-based tech firm said that it is aware of the issue and is working on resolving it. The solution will be coming as a part of a software update soon. Apple has also given users an easy fix for the time being.
“We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorised access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section,” said the company in a statement.
How to fix the security flaw?
– Open System Preferences
– Choose Login Options
– Click on Join option, besides the Network Account Server
– In the small dialog box, click Open Directory Utility
– In the Finder bar, click Edit
– Choose the ‘Change Root Password’ from the drop down menu
– Pick a strong password.