macOS High Sierra Root User Bug (How to Fix It)


Update: Apple has rolled out an inmergency patch (Security Update 2017-001) for the bug and all High Sierra users are recommended to install this update as soon as possible.

macOS High Sierra, Apple’s latest version of operating system for Mac computers, has been discovered to exist a critical flaw, which allows anyone to log in without a password to a Mac running High Sierra as a root user. Unbelievable? Lemi Orhan Emrin, a Turkish software engineer, first announced the bug in a tweet on Tuesday. That means attackers can easily gain root access to your Mac if he or she has physical access to your Mac or can get through via screen sharing, VNC, or remote desktop.

The flaw affects only Macs running High Sierra (macOS 10.13). Macs running Sierra or earlier versions of the OS did not appear to be not affected by the bug yet.

We have reproduced this bug on the testing machine. Here’s how it works: head to the System Preferences > Users & Groups, click the Lock button, enter the word “root” for the username when prompted, then leave the password field blank, and hit Unlock button repeatedly. After a few times of attempts, you will be be granted access.

Doing the steps above will create an account with super privileges, and you are suggested not to try out the bug on your Mac running High Sierra. Our tests indicate that this flaw can be exploited to alter a user’s system settings, including changing key security preferences like disabling the firewall or storage drive encryption. The “root” account can be used to look up passwords on the keychain access.

“We are working on a software update to address this issue,” an Apple spokesperson told iMore. “In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”

Before Apple provides a update for this issue, you can do these steps to fix the bug:

  1. Launch Terminal from Spotlight, in Launchpad or via Finder.
  2. Type in e: sudo passwd -u root, and hit Enter/Return key.
  3. Enter and confirm the Root User Password for the new created account.

Note that disabling the Root User cannot fix the bug. That will reset the password to blank and allow the exploit to work again.

Share this news to anyone you know are currently running the High Sierra on their Macs.




Leave a reply