Close Menu
Geek ThingyGeek Thingy
    What's Hot

    Sony Xperia 1 VII launched with familiar design, better hardware, Walkman features

    May 13, 2025

    Tecno Spark 40 Pro+ will be powered by MediaTek Helio G200

    May 12, 2025

    Helio G200 vs G100: New chipset launched with improved gaming and battery life

    May 12, 2025
    Facebook X (Twitter) Instagram
    • Galaxy Home 2
    • Xperia Album Alternatives
    • Prototype 3 Release Date
    Facebook X (Twitter)
    Geek ThingyGeek Thingy
    • Home
    • News

      Sony Xperia 1 VII launched with familiar design, better hardware, Walkman features

      May 13, 2025

      Tecno Spark 40 Pro+ will be powered by MediaTek Helio G200

      May 12, 2025

      Helio G200 vs G100: New chipset launched with improved gaming and battery life

      May 12, 2025

      Xperia 1 VII may have a boring design, but its ‘Walkman’ features have the fans excited

      May 11, 2025

      HUGE Sony Xperia 1 VII leak reveals everything we need to know about the 2025 Xperia flagship

      May 11, 2025
    • Mobile
      • Apple
      • HTC
      • LG
      • Samsung
      • Sony Xperia
    • Kickstarter
    • Apps
    • Contact
    Geek ThingyGeek Thingy
    Home » Blog » MacOS High Sierra Password Bug Causing An Uproar; Here is how to fix it
    Apple

    MacOS High Sierra Password Bug Causing An Uproar; Here is how to fix it

    Dylan AllanBy Dylan AllanNovember 29, 2017Updated:November 25, 2020No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    A new macOS High Sierra bug is letting any stranger to have a root access to your system
    Share
    Facebook Twitter LinkedIn Pinterest Email

    A new bug has been spotted on macOS High Sierra that allows anyone to have root access to your system.

    Those of you who have a MacBook or iMac will have seen and are probably on High Sierra. Unbeknown to many, people can actually access your Mac’s without knowing your password. However, they will need physical access to your Mac.

    The Mac “Hack”

    You are now probably worried. “Someone can access my Mac without my password?!”. At this current moment in time, yes, they can. However, Apple is working on a fix as we speak.

    Regarding the hack, there are two possible types. The first type is those that require a flaw in the software and the other is not actually a hack at all. In fact, it is literally asking to be let in. Sounds crazy right?

    You would be surprised how easy it actually is to break Apple’s security system.

    Thankfully, this only affects those who have it set up to require a username and password when logging in. However, instead of using your actual log on, the person trying to gain access can simply type “root” in as the username. Now, you would probably expect to hear some overly complicated way to gain access. I’m afraid not, the person trying to gain access simply has to hit log in twice, with the password blank, and there you go. It’s really that simple and to many; very scary!

    What is “root”?

    Hackers around the world are constantly trying to gain access to the root directory. Many fail time after time as newer and more secure updates are released. However, Apple has simply handed root access to hackers on a big shiny silver platter.

    Not only that, but the hacker literally has to do ZERO work to gain access.

    But what is root? In simple, the root is an administrator account or known to many as a superuser. From the name superuser, you can probably tell that it is very powerful.

    The scariest part, if the hacker gains access to your Mac and logs on as root, they can then do one simple step to then gain access to your Mac whenever and wherever they want. As with any user account, you can change the password. This is the exact same for the root user. This means that the hacker can quickly log onto your Mac as root, change the root password and then access it from the comforts of their own home.

    Can it be fixed?

    YES. This ridiculous bug in the Apple security system can be “fixed”. Apple is currently working on a fix that will be rolled out very soon. However, for those worries out there, you can fix it yourself.

    Follow the steps below if you don’t want to wait for Apple’s fix;

    Firstly, you want to navigate to the Apple menu (), then System Preferences followed by Users & Groups (Accounts).

    Next, click on the little padlock and enter the admin name and password.

    You will want to find the Login Options and then click Join or Edit.

    Then, click Open Directory Utility and then the little padlock again. This will then prompt for the admin user and password again.

    Finally, while in the Directory Utility, select Edit and then Change Root Password.

    There you have it, your own little nifty fix to the annoying and possibly threatening bug Apple left in (an accident of course).

    Why wasn’t it found sooner?

    High Sierra has been out for a while, there have been a few minor updates but not once was there mention of this root hack. The reason is actually quite simple. Apple doesn’t offer a bug bounty for MacOS.

    You might be confused as you have probably heard about Apple’s bug bounties. However, the only bounties they have are for iOS. There aren’t any for security vulnerabilities in MacOS. Therefore, no one was actually looking for any bugs in MacOS.

    The only reason it was found now is due to a Turkish software developer, Lemi Orhan Ergin. Funnily enough, he wasn’t actually trying to hack MacOS. Instead, the security staff at his company found it after trying to help a user get back into their account.

    Thankfully, it was reported to Apple and they have said they are working on a permanent fix. So sit tight and don’t let strangers access your Mac!

    Source

    Apple bug bug bounty Computers iMac Mac Mac Thingy Macbook root hack root user superuser
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Dylan Allan
    • Website
    • Facebook
    • X (Twitter)

    21 Year old, UK, IT guy who writes freelance in his spare time. Main areas of interest are tech and gaming.

    Related Posts

    Sony Xperia 1 VII launched with familiar design, better hardware, Walkman features

    May 13, 2025

    Tecno Spark 40 Pro+ will be powered by MediaTek Helio G200

    May 12, 2025

    Helio G200 vs G100: New chipset launched with improved gaming and battery life

    May 12, 2025

    Xperia 1 VII may have a boring design, but its ‘Walkman’ features have the fans excited

    May 11, 2025
    Add A Comment
    Leave A Reply Cancel Reply

    Latest Posts

    Sony Xperia 1 VII launched with familiar design, better hardware, Walkman features

    May 13, 2025

    Tecno Spark 40 Pro+ will be powered by MediaTek Helio G200

    May 12, 2025

    Helio G200 vs G100: New chipset launched with improved gaming and battery life

    May 12, 2025

    Xperia 1 VII may have a boring design, but its ‘Walkman’ features have the fans excited

    May 11, 2025
    Geek Thingy
    Facebook X (Twitter)
    • About
    • Contact
    • Advertise
    • Privacy
    • Terms
    • Cookie
    • Comment
    • Affiliate
    © 2025 Geek Thingy.

    Type above and press Enter to search. Press Esc to cancel.

    Go to mobile version