Apple has released Security Update 2017-001 to fix a vulnerability that enables access to the root superuser with a blank password on any Mac running macOS High Sierra version 10.3.1. Lemi Orhan Ergin revealed the security issue for macOS High Sierra on Twitter the other day. Anyone can -- or, rather could -- login as “root” with no password required. It turns out that the issue in question works with any authentication dialog in High Sierra.
Post a Comment