emfizz.com December 17, 2017

Updating macOS High Sierra Could Reactivate Root Password Vulnerability

04 December 2017, 01:49 | Patty Hardy

In the operating system macOS High Sierra found a serious vulnerability

Apple releases security update to fix login bug in macOS High Sierra operating system

The update fixes serious concerns of vulnerability that allowed anyone to log into a Mac without entering the password.

Several users have now discovered that updating to the latest version of macOS High Sierra undoes the security patch released recently that's meant to fix a critical security flaw.

The vulnerability was disclosed by a user on Tuesday on Twitter.

The issue, discovered in the macOS High Sierra operating system for laptops and desktops that was released in September, would let anyone enter the word "root" when prompted for a username, and provide no password when logging on to the device. All Macs running High Sierra appeared to be affected.

If you had yet to upgrade to the very latest version of High Sierra - that is, you were running 10.13.0 - and you install the patch and THEN upgraded to 10.13.1, the "root" access bug rears its head once again.

You'd think that would be the end of Apple's software troubles for this week, but you'd be wrong.

Egypt presidential hopeful returns home
Upon landing in the Egyptian capital, Shafik quickly left to an unknown destination, an airport official said. Charges were laid down against him, but he was acquitted of some, while the others were dropped.

Rob Gronkowski apologizes for late hit on Bills' Tre'Davious White
Gronkowski did apologize for the hit following the game, saying he just got caught up in emotions and was frustrated. White, was walked off the field with the help of trainers, and is being evaluated for a head injury.

Does Qualcomm Incorporated (NASDAQ:QCOM) Have Gas After Even Less Sellers Involved?
It fall, as 43 investors sold HRS shares while 198 reduced holdings. 72 funds opened positions while 176 raised stakes. Looking at some ROIC (Return on Invested Capital) numbers, QUALCOMM Incorporated (NasdaqGS:QCOM)'s ROIC is 0.116488.

The solution is a simple one - but one that has not been made sufficient clear by Apple. That would permit unfettered access to the file system for a Mac, exposing private documents on that particular computer. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012.

In a Medium post today, Ergin today said his Twitter disclosure about the Mac bug was met with "many reactions like a blast". Even if it's not as abysmal as the original root bug, this still reflects badly on the security of Apple's OS, which the company has long boasted as one of the elements that make Macs better than PCs.

Developers can download the macOS Developer Beta Access Utility from the link below...

"Oh my god that should not work but it does", another user responded yesterday on the forum.

"A password prompt that authenticates as root with an empty password would be a black eye for any OS". While the security update is now available for download from Mac App Store, Apple said it will also be automatically installing the patch on all Macs running macOS High Sierra 10.13.1.

Apple seems to be doing badly in ensuring Macs are secure.

Other News

Trending Now

Apple to design its own power management chips
Shares of Dialog - which relied on Apple for 74% of its revenue in 2016 - dropped by as much as 19% when the report was released. The firm has a market cap of $881,820.00, a PE ratio of 18.81, a price-to-earnings-growth ratio of 1.39 and a beta of 1.25.

Ireland's Coveney says breakthrough on Brexit border issue 'doable' by December summit
Open access will have to end when Britain leaves the single market and customs union, the Commons exiting the EU committee said. In fact, both Northern Ireland and Scotland voted to remain in the European Union by margins of 55.8% and 62% respectively.

Goldman Sachs Cuts Rating of Marathon Petro (NYSE:MPC) To a Hold
Berkshire Asset Management LLC PA increased its holdings in shares of Marathon Oil Corporation by 0.8% in the second quarter. Shareholders of record on Thursday, November 16th will be given a dividend of $0.40 per share. 29,944 are held by Texan Cap.

1 killed, several hurt after driver hits NYC crowd
A New York Police Department detective said the driver targeted the victims in Queens, but terrorism is not suspected. Police still were sorting out the details, but said there was a dispute before a man drove into the people.

Spain coach Lopetegui shows respect for rivals following World Cup draw
Mutko was the Minister of Sport between 2008 and 2016 and is the head of Russia's World Cup organizing committee. MOSCOW , Iran national football team coach Carlos Queiroz says there are times when mouse escapes from cat .

Giancarlo Stanton rumors: Marlins have trade framework in place with Giants, Cards
Miami's season ended a little over two months ago, so the team has acted quickly to try to move its best player. So the matter is in Stanton's court, and maybe the Dodgers' - and there's no deadline.

Clemson, Oklahoma, Georgia, Alabama in College Football Playoff
Clemson entered selection day with eight wins over teams with a.500 or better record, including victories over Auburn and Miami. Alabama is the only team to earn a spot in every College Football Playoff since the format began.

Tiger Woods, live scores, Day 4 highlights
Tiger Woods endured a reality check on Saturday after an error-strewn round saw him tumble down the leaderboard at the Hero World Challenge.

Big Ten Championship: A lot on the line for both teams
However, Wisconsin does have the better defensive unit as the Badgers are only giving up 12.0 points on defense and 236.9 yards. Only six days after surgery, Barrett will start the game as planned for Ohio State, Meyer told FOX before the game.

Oklahoma vs. Georgia Odds: Point Spread for Rose Bowl
Georgia (12-1) will make its first appearance in Pasadena since 1943, when it defeated UCLA 9-0 and won the national title. Mayfield has completed 71 percent of his passes for 4,340 yards, 41 touchdowns and five interceptions this season.