Thursday, November 30, 2017

New Mac Flaw - Anyone Can Login to Your Mac PC as “Root”

When the FBI was unable to unlock a perp's phone, it made to start having these thoughts that Apple made products are the most secured devices in the planet, because their OS is made and only maintained by Apple themselves. But that belief was questioned when Krack Wifi exploits affected Apple devices too and are more questioned now it's been revealed that anyone can log in and gain access to MacOS just by using the word “Root” as their username.
MacOS Flaw

The flaw was sighted on an Apple PC running the latest macOS High Sierra operating system by a by software engineer Lemi Orhan Ergin. This flaw definitely tops my 2017 list of top ten flaws found in Apple products which iPhone X's face ID failure was leading before now. This newly found flaw in Apple MacOS security allows anyone to gain the complete control over your password-protected computer without any password and using the word  “Root” as their username.

This way, anyone can login to a computer just after a reboot. After hitting the enter button a few times, you’re instantly logged in as a superuser, getting read/write privileges on system files.

I took it upon myself to make a few searches and do confirm this flaw, as I am not with any Mac PC, and to my surprise, I discovered that this same flaw has been discussed in Apple developers forum, but nobody thought it will later have this kind magnitude. And this root login vulnerability in macOS High Sierra poses a huge threat now as any mischievous mind that gain access to your MacOS can do tons of harmful things which may include;

1.   Copying your personal data and selling them

2.   Install a malware that gives him/her a backdoor to your PC

3.   Making changes to essential files, etc.

So, you are advised not to leave your Mac attended unless you fix this problem.


How to fix “login as root with no password” flaw in macOS?


To be frank, these recent flaws must be really really embarrassing for the Cupertino, California guys, especially after it was discovered that iPhone X not only couldn't differentiate between a mom and her son, can also be fooled by a still 3D mask

Be that as it may, let me remind you that no one is more responsible for your own security more than you are, so don't just wait for Apple to release a fix or a patch for this flaw. Follow these simple guideline to prevent your MacOS PC to be accessed by anyone just because they decided to use “Root” as their username.

You can create a username “Root” and set a password for it so that anyone that types in  “Root” will also have to go through the root password which you've set earlier.

Launch a Terminal window, type “sudo su” and authenticate it with your own password to become root. Now type “passwd” and follow the instructions to change the password. That’s all.

I do hope that Apple is working to fix the issue as soon as possible and release an official patch.




If You Enjoyed this Post, Kindly take 5 Seconds and Share it With Your Friends on

No comments:

Post a Comment

***We ❤ to hear from you, Tell us Your views and opinion. Please note that comments are always moderated, Abusive comments won't be approved, and spammy comments are deleted automatically