Apple has quickly released a security patch to fix a flaw in macOS High Sierra that lets a user gain root access without a password. It had previously issued a temporary workaround for the vulnerability.
[UPDATED] with a statement from Apple.
You can read the support page for the patch—Security Update 2017-001 here.
Apple is urging customers to “install this update as soon as possible” in the update description.
If you’re running macOS High Sierra, download and install this update immediately.
Just open the Mac App Store and you should be able to see the update available for download.
The vulnerability was discovered by developer Lemi Orhan Ergin, who tweeted about the exploit.
You can easily gain root access in the login screen, System Preferences Users & Groups tab and File Vault.
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
All one needs to do is enter “root” in the username field, and leave the password field blank, then hit “Enter” a couple of times.
It’s pretty scary stuff.
Prior to Apple’s patch, you could work around the vulnerability by setting a root password.
This is easily done via Terminal:
sudo passwd -u root
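An added check (not from the article or from Apple) for confirming the state of the root account before and after applying the workaround above. It assumes, as macOS does, that the account's AuthenticationAuthority attribute can be read with `dscl . -read /Users/root AuthenticationAuthority`, and that a disabled account carries the `;DisabledUser;` tag while an account with a password carries `;ShadowHash;`; the sample attribute values below are constructed.

```shell
#!/bin/sh
# Added example: classify the root account's login state from the
# AuthenticationAuthority attribute stored in Open Directory.
# Assumptions (not stated on the page): ";DisabledUser;" marks a disabled
# account and ";ShadowHash;" marks an account that has a password hash.

# Takes the attribute line as $1 and prints one of: disabled, enabled, unset.
root_login_state() {
    case "$1" in
        *DisabledUser*) echo disabled ;;  # account explicitly disabled
        *ShadowHash*)   echo enabled ;;   # password hash present, not disabled
        *)              echo unset ;;     # no authority recorded at all
    esac
}

# Live check: runs dscl only where it exists (macOS); elsewhere reports "skipped".
check_live_root() {
    if ! command -v dscl >/dev/null 2>&1; then
        echo skipped
        return 0
    fi
    attr=$(dscl . -read /Users/root AuthenticationAuthority 2>/dev/null)
    root_login_state "$attr"
}

# Constructed sample values for offline use (formats assumed, see above).
SAMPLE_DISABLED='AuthenticationAuthority: ;DisabledUser;;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'
SAMPLE_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'
SAMPLE_UNSET=''

# After running "sudo passwd -u root" you would expect "enabled" from the live check.
check_live_root
```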
Apple released a statement regarding the issue:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
Are you running macOS High Sierra?