MacOS High Sierra security flaw fixed

A bug in macOS High Sierra Read more hereApple

To verify that number, choose  About This Mac and click the Version 10.13.1 line.

Although the community identified the primary attack vectors yesterday, it's possible that there are others that are not blocked by changing the root password or disabling remote access.

Apple has advised its customers who may be affected to set a password for the device's root user, which should stop people exploiting the vulnerability.

Kudos to Apple for readying a fix so quickly, but a security hole as big as this should never have got past quality control in the first place. It works when High Sierra displays the username and password login field after accessing "Users & Groups" through the Mac's System Preferences application, and the lock icon is clicked.

A bug in macOS High Sierra Read more hereReuters
A bug in macOS High Sierra Read more hereReuters

Tyler Moffitt, Senior Threat Research Analyst at Webroot described the bug as "devastating" but was relieved to learn that, "as of right now, there is not any mention of malware that leverages this security flaw". In addition, if a Mac user has "screen sharing" enabled, perhaps from a previous IT support issue, the root login can be used to remotely view the users screen without them knowing, or login remotely. Imagine a piece of malicious code created to attack Macs using the same flaw. "If a Root User is already enabled, to ensure a black password is not set, please follow the instructions from the "Change the root password" section". If, for some odd reason, you can't update your Mac immediately, you can apply a temporary Band-Aid by enabling a root user on your Mac. Are you aware of it @Apple?' MacOS High Sierra has been shipping for months. "This is really REALLY bad". Launch a Terminal window and type "sudo passwd -u root", then enter your password, and then enter a new password for the root user.

The company admitted it "stumbled" with the latest release of MacOS.

The flaw has since been closed by Apple with an update released Wednesday morning.

In the case of a fix for this latest vulnerability, "I would imagine [Apple] will be pushing it out as a high priority", Cluley said.

Related News:

  • IN  teacher caught allegedly using cocaine in  classroom

    IN teacher caught allegedly using cocaine in classroom

    A hunt of her auto turned up purge thwart pieces, a glass pipe, plastic baggies that had been torn open and two improvised straws. In the YouTube video, you can see Cox hunched over in the corner of the classroom creating lines of something on a book.
    Manchester City defeat Huddersfield, set record

    Manchester City defeat Huddersfield, set record

    He said: 'Yes, of course, it's a big honour for me to make 200 appearances for Chelsea , a big club. City have now won their last 11 Premier League matches and 18 in all competitions.
    Meredith to buy Time Inc. for $1.85 billion

    Meredith to buy Time Inc. for $1.85 billion

    The deal is valued at $1.84 billion based on the offering price and number of shares of Time outstanding on September 30. The Meredith Corporation already owns Family Circle , AllRecipes and Better Homes and Gardens .
  • Harvey Weinstein Sued for Alleged Cannes 'Sex Trafficking'

    Harvey Weinstein Sued for Alleged Cannes 'Sex Trafficking'

    The complaint then lays out its reasons for naming The Weinstein Company and Bob Weinstein as co-defendants. Once there, she alleges that Weinstein started massaging her and then groped her breasts and buttocks.
    Trump insults Native Americans at event to honor group

    Trump insults Native Americans at event to honor group

    She told the Associated Press in 2012 that her parents told her (and her siblings) that they had Native American heritage. Eric Trump tweeted on Tuesday what appeared to be a comparison of President Trump calling Sen.
    Apple iPhone X unlocked again via Face ID using a mask

    Apple iPhone X unlocked again via Face ID using a mask

    The same Vietnamese security researchers who tricked an iPhone X using a $150 3D-printed mask have done it again. The new method of fooling Face ID is said to be even more accurate than the first.
  • Julio Jones stuns as Falcons win over the Bucs

    Julio Jones stuns as Falcons win over the Bucs

    In addition, he became the first player ever to have three games with at least 250 receiving yards in his career. If nothing else, Jones will provide Atlanta a scary threat as long as he is healthy over the next few years.
    Lennie James Featured In The Walking Dead & Fear the Walking Dead Crossover

    Lennie James Featured In The Walking Dead & Fear the Walking Dead Crossover

    The Walking Dead's Morgan Jones, played by Lennie James , will be featured in a story connecting the two zombie apocalypse series. It will be fascinating going forward to find out precisely how this switcheroo will work.
    White House official: Trump won't campaign for Roy Moore

    White House official: Trump won't campaign for Roy Moore

    Moore denied the allegations and claimed the story was planted by Senate Majority Leader Mitch McConnell (R-Ky.). Moore was accused by multiple women of pursuing them as teenagers when he was in his early 30s.
  • Outrage: Melania Trump Hangs a Sprig of Mistletoe in the White House

    Outrage: Melania Trump Hangs a Sprig of Mistletoe in the White House

    Children visiting the White House this year repeatedly told Melania, wearing a white dress, that she looked like an angel . For her entrance from the residence into the Grand Lobby, ballet dancers performed to The Nutcracker .
    Jeremy Piven suggests his show has been canceled

    Jeremy Piven suggests his show has been canceled

    He has been accused of similar conduct by Longmire's Cassidy Freeman , and advertising executive Tiffany Bacon Scourby . Wisdom was CBS' lowest-rated scripted Sunday show, averaging 7.4 million viewers and a 1.0 18-49 demographic rating.
    Leicester City's Claude Puel charges Riyad Mahrez to show more consistency

    Leicester City's Claude Puel charges Riyad Mahrez to show more consistency

    Well it is now despite their second-half efforts and a host of missed chances when they should have actually salvaged this. It was a trademark finish from the Algerian.


Most liked

Apple has a new YouTube channel full of iPhone tips and tricks
With picture in picture mode, WhatsApp users will also be able to keep watching the video as they do other stuff on the app. The second category includes colorful videos highlighting specific iOS 11 features, such as the iPad's new dock.

England all-rounder Ben Stokes headed for New Zealand, not Ashes
The series continues on Saturday when Australia and England play their only day-night Test Match of the series, in Adelaide.

YouTube goes after child-exploiting channels and videos
There simply aren't enough humans to monitor so much video, and many claim the protective algorithms in place often don't work. Campaigners have warned that pedophiles were targeting the videos posted on YouTube.

AC Milan Sack Montella As Manager, Appoint Gattuso
His coaching career has been a mixed bag, although never tiresome . Gattuso, of course, played for Rangers from 1997 to 1998. Gattuso takes charge at the San Siro.