Updating to macOS 10.13.1 Undoes Apple's 'Root' Bug Patch

Share

You'd think that would be the end of Apple's software troubles for this week, but you'd be wrong. But he found that, until he rebooted, he could even then type "root" without a password to entirely bypass High Sierra's security protections. "And worse, two of those Mac users say they've also tried re-installing Apple's security patch after that upgrade, only to find that the "root" problem still persists until they reboot their computer, with no warning that a reboot is necessary". "I can't think of anything worse that has been shipped by a major operating system in the past decade".

The solution is a simple one - but one that has not been made sufficient clear by Apple.

One small bright spot may be that the vulnerability requires local access and appears hard, though not impossible, to exploit remotely.

Spain coach Lopetegui wary of World Cup rivals
As Iran coach, my goal is to make it hard for both, as well as Morocco. It's going to be a hard tournament", Portugal coach added.

Soon after the discovery of the vulnerability, an Apple representative told reporters MacRumors that the company is aware of the issue and is working on a software update to fix it. That would permit unfettered access to the file system for a Mac, exposing private documents on that particular computer. It has been confirmed that the issue exists in the High Sierra version of the operating system.

Affected users can change their root password as a fix in the meantime. To do this in the settings section "Users and groups" click on the button with a lock.

While Apple was commended for its overnight fix of the critical macOS root security hole earlier this week, updates that are developed so quickly rarely come without issues. A user responding to a question about creating an admin account in the operating system noted on November 13 that one solution was to log in at startup with the username "root" and an empty password.

Most Shocking Stock Movements: MEDNAX, Inc. (MD), Occidental Petroleum Corporation (OXY)
PRICE T ROWE ASSOCIATES INC /MD/ also announced decreased position in Occidental Petroleum Corporation (OXY) during the quarter. It dropped, as 15 investors sold NANO shares while 44 reduced holdings. 72 funds opened positions while 315 raised stakes.

The vulnerability was disclosed by a user on Tuesday on Twitter. "This is really REALLY bad".

It's believed that the first time you click Unlock the root account is enabled and the second time you click unlock you gain access.

Apple seems to be doing badly in ensuring Macs are secure.

Earnings Clues on Discovery Communications, Inc. (DISCA), Celgene Corporation (CELG) Analyst's Predictions
The biopharmaceutical company reported $1.91 earnings per share for the quarter, topping the consensus estimate of $1.87 by $0.04. Also, insider Terrie Curran sold 1,727 shares of the business's stock in a transaction that occurred on Monday, September 25th.

Share