Talking New Media

Apple promises a security fix for giant hole it opened up in its macOS High Sierra

There was a time when Mac and iPhone users would automatically update their machines whenever Apple would release a software update, so confident were users that the update would not prove disastrous. No longer.

Yesterday, Turkish software developer Lemi Ergin found that simply by logging into an admin account using the “root” account one could access any Mac on macOS High Sierra without a password. Yep, no password needed to access your Mac… assuming you have upgraded to High Sierra.

Apple responded first by requesting that users contact them to discuss the problem, but soon someone in Cupertino realized that they had a problem that makes antennagate or Apple Maps look inconsequential by comparison.

The good news for those who are High Sierra is that there is an easy fix: go to System Preferences, then Users and Groups, then Login Options, click Join, then Open Directory Utility, then click Edit from pulldown menu at the top of the screen, then enable the Root User and create a unique password.

Yikes, Apple, really?

Apple promises a fix soonish.