Stupid Bug Lets Anyone Change Apple macOS High Sierra Passwords — Here’s How To Fix It


(From Forbes)

If you’re running macOS High Sierra, don’t let anyone near your Apple Mac. It’s possible for anyone to login to the Mac and get the admin level of access to change passwords, get access to all data on the main account and lock the original user out. Fortunately, there’s a fix that should solve the problem, even as Apple works to patch.

First, the bug. In what may go down as one of the most embarrassing vulnerabilities in Apple history, all a “hacker” needs to do is sign in as an “Other” user, type in “root” for a username and no password. Then they’re in.

Forbes tested the vulnerability and found it wide open, allowing a change of passwords for other accounts on the Mac.

Click here for the article.