We may earn a commission for purchases made using our links.

If you thought Apple had unusual trouble stabilizing iOS 11 and ironing out the many annoying kinks that probably held back iPhone and iPad users from updating to the latest platform version, wait until you hear about a newly discovered macOS security issue.

This may well be the most embarrassing misstep made by Cupertino’s software engineers in a long time, and no one can understand how something so simple and dangerous escaped QA’s radar in the first place.

Basically, anyone with physical access to a computer running macOS High Sierra 10.13.1 can easily obtain so-called “superuser” rights, whether they’re the rightful owner of the device or not.

All they have to do is go into System Preferences, then Users & Groups, click on the little lock icon, and enter the user name “root” with no password required. As long as the actual Mac’s user never enabled the root option to gain “read and write privileges to more areas of the system, including files in other macOS user accounts”, any malicious individual can break in by leaving the password field empty and pressing enter a couple of times.

Ironically, Apple’s support webpages recommend you not routinely use the root user account, but in this particular case, you’re actually advised to set a strong (or weak) password for access to special Mac privileges. That way, it’ll be a lot harder for someone out to get you to disable FileVault encryption, turn off your Firewall or wreak all kinds of havoc, including locking you out of your own computer.

What’s even worse is that, if you don’t do the above, the security hole could also leave you open to a breach of security where standard Mac logins wouldn’t require a password either.

For what it’s worth, Apple is obviously preparing a comprehensive fix in addition to strongly recommending Root User activation and password selection as a temporary workaround.

You May Also Like
MIUI 12 stable beta starts rolling out for Redmi Note 8 Pro
The Redmi Note 7 and POCO F1 are expected to receive the final and stable beta version of the software next.
Looking for a morally good laptop? Try the Librem 14
Ethical, secure, freedom-friendly technology gear is becoming increasingly rare. Thankfully, some are prioritizing that; like the new Librem 14.