Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 11 MINUTES AGO.
You are here: Home / Data Security / Apple Issues Fix for Vulnerability
Apple Issues Quick Fix for Mac Password Vulnerability
Apple Issues Quick Fix for Mac Password Vulnerability
By Samantha Masunaga Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
NOVEMBER
30
2017
Apple Inc. said an update was now available to fix a security issue in its latest Mac operating system that enables people to log in to Mac computers without knowing the password.

The Cupertino, Calif., tech giant said Wednesday that as of 8 a.m., the update was available for download and that later in the day it will be automatically installed on all systems running the latest version of MacOS High Sierra.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of MacOS," the company said in a statement. "We are auditing our development processes to help prevent this from happening again."

A software developer unaffiliated with Apple publicized the problem Tuesday, saying people could log in to Apple computers running MacOS High Sierra by entering the user name "root" and no password, then clicking the login button several times.

The "root" user account is generally used by computer administrators and gives "read and write privileges to more areas of the system, including files in other MacOS user accounts," according to Apple.

The issue had been described online previously, including in the Apple Developer Forum earlier this month, but received more attention after Lemi Ergin, a Turkish software developer, tweeted about it Tuesday, asking Apple if it was aware of the "huge security issue."

In a Medium post published Wednesday, Ergin said staffers at a company he works for discovered the issue while trying to help a co-worker recover access to his local administrator account. The staffers used the flaw to recover the account and informed Apple about the problem last week, he said.

"I have no intention to harm Apple and Apple users," Ergin said in the post. "By posting the tweet, I just wanted to warn Apple and say 'there is a serious security issue in High Sierra, be aware of it and fix it.'"

Apple said in its statement that its security engineers became aware of the issue Tuesday afternoon and that the company "immediately began working on an update that closes the security hole."

© 2017 Los Angeles Times under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: Apple.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY

NETWORK SECURITY SPOTLIGHT
Britain's cybersecurity agency has told government departments not to use antivirus software from Moscow-based firm Kaspersky Lab amid concerns about Russian snooping.

ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.