By the next morning, Apple released a patch and pushed it out to all High Sierra users. Thankfully, Apple responded quickly after the bug became widely known. If a system running High Sierra had Screen Sharing enabled, it was even possible to exploit the vulnerability remotely, without having physical access to the Mac. On November 28, the world became aware of a major security vulnerability in macOS High Sierra that could allow an attacker to enable the “root” administrator account on a victim’s Mac.Ī bug was introduced in macOS High Sierra 10.13, and remained in 10.13.1, that allowed an attacker to invoke a system authentication dialog box, type “root” (the name of a powerful UNIX administrator account that’s disabled by default in macOS), and either enter no password or a password of their choosing, and macOS would enable the root account with the attacker’s chosen password. The biggest news of the month is still fresh in our memory. Read on for the details! I Am Root: Major Root-Access Flaw in High Sierra
What a month! November brought to light a huge security vulnerability affecting macOS High Sierra, plus Mac malware that masquerades as anti-virus software, and specially crafted masks can fool Face ID (despite Apple’s claims). Security News Month in review: Apple security in November 2017
0 kommentar(er)
