Major #apple security flaw grants admin access on macOS High Sierra without password

Tech

There seems to be a major flaw in Apple’s macOS High Sierra operating system that allows anyone with physical access to a Mac to gain system administrator access without so much as entering a password.

The vulnerability was publicly disclosed on Twitter this afternoon; it’s not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered. (The company maintains an invite-only bug bounty program.) Despite its incredibly alarming simplicity, The Verge is not reproducing the steps to bypass High Sierra’s login screen here.

However, The Verge has been able to confirm the major security issue remains present as of MacOS 10.13.1, the current release of…

Continue reading…

Comments