With the latest system updates provided by Apple, the users expect a better and more efficient system for their devices. However, the MacOS High Sierra update suggested otherwise.
Turkish software developer, Lemi Ergin, discovered the Root bug by simply entering “root” in the username field while leaving the password field blank. Upon gaining access, the administrative privilege can be used to modify system files.
According to Ergin, the security staff at his company encountered the issue while trying to help a user recover his account. Upon discovery, they tried it on their own machine, and the security breach occurred once again.
According to Express , Apple immediately took the necessary action upon the disclosure of the serious flaw of its software update. Within hours, the company addressed the issue and released a fix. Apple issued an apology and asked the users to set a root password for the meantime to prevent unauthorized access. The users were asked to change the root password to ensure that a blank password won’t enable hackers to gain access.
To fix the alarming security breach, a software update was made available for download. The update will automatically be installed on all systems running the latest version (10.13.1) of MacOS High Sierra.
Dear @AppleSupport , we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple ?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
Back in June, Apple announced the MacOS High Sierra update, and it was made available to users by September. The update came with features that enable MacBooks and iMacs to work more efficiently. It introduced new core technologies that would improve the most essential functions of Mac. The efficiency of video streaming and an improved graphics processor were included in the software update. Apple File System was introduced, in which a new level of security and responsiveness was offered.
Apple was not aware of the bug until it was disclosed on Twitter. This caused users to be worried and alarmed as it suggested that the security of the company’s software is not as faultless as the users thought it was. Also, people frowned upon the public disclosure of the bug before directly addressing to Apple due to the fact that hackers were informed first.
Apple is currently faced with several security issues. Earlier this month, the Face ID feature of iPhone X was criticized for being fooled by a 3D mask.
