PKR
Veteran
Apple rushes to resolve ‘huge’ password glitch on its new operating system
Sam Meredith | @smeredith19
CNBC | 2017-11-29T12:49:03-0500
Apple is scrambling to fix a serious glitch within its latest Mac operating system.
A major flaw in the way the MacOS High Sierra operates means that anyone can gain entry to a computer without the use of a password, obtaining access to powerful administrator rights in the process.
Warnings about the bug were shared by computing experts such as Edward Snowden, who described Apple's operating system as "really bad" on Tuesday.
In a statement released Wednesday, Apple said: "We are working on a software update to address this issue."
The bug was first made public by Turkish developer Lemi Ergin. He discovered that by entering the username "root" and leaving the password field blank, he would eventually be able to gain unrestricted access after repeated presses of the log-in button.
Ergin said the glitch was a "huge security issue," before adding that the end result was "unbelievable."
https://www.cnbc.com/2017/11/29/app...uge-password-glitch-on-macos-high-sierra.html
.
Sam Meredith | @smeredith19
CNBC | 2017-11-29T12:49:03-0500
Apple is scrambling to fix a serious glitch within its latest Mac operating system.
A major flaw in the way the MacOS High Sierra operates means that anyone can gain entry to a computer without the use of a password, obtaining access to powerful administrator rights in the process.
Warnings about the bug were shared by computing experts such as Edward Snowden, who described Apple's operating system as "really bad" on Tuesday.
In a statement released Wednesday, Apple said: "We are working on a software update to address this issue."
The bug was first made public by Turkish developer Lemi Ergin. He discovered that by entering the username "root" and leaving the password field blank, he would eventually be able to gain unrestricted access after repeated presses of the log-in button.
Ergin said the glitch was a "huge security issue," before adding that the end result was "unbelievable."
https://www.cnbc.com/2017/11/29/app...uge-password-glitch-on-macos-high-sierra.html
.
update is already out
PKR
Veteran
"While the security vulnerability was a rather serious one, Apple has promptly responded with a fix less than 24 hours after it became public. The issue did not affect older versions of macOS, although there doesn’t appear to be a fix available for macOS 10.13.2 beta yet as the fix (downloadable here) only appears to apply to macOS 10.13.1 for now."
https://9to5mac.com/2017/11/29/macos-root-fix/
.
https://9to5mac.com/2017/11/29/macos-root-fix/
.
SolaresLarrave
My M5s need red dots!
And I just updated to High Sierra about a week ago... Time to get the fix! 
PKR
Veteran
And I just updated to High Sierra about a week ago... Time to get the fix!
I wait till updates are out of beta. With an OS, I wait 6 months to a year .. especially with MS.
Jamie Pillers
Skeptic
Apple's fix already installed... arrived this afternoon.
Godfrey
somewhat colored
Good to know. I haven't updated to High Sierra yet. I recall there was a note that one app I use wasn't compatible yet.
Apple is very good at responding quickly when one of these things happens.
G
Apple is very good at responding quickly when one of these things happens.
G
Noserider
Christiaan Phleger
Thank you for posting this. I had to bump to HS for Final Cut Pro X work and since I follow RF forums WAY more than any apple forums I got the patch quickly. Another update was also posted.
Dogman
Veteran
Thanks for the post.
I just did the update.
I just did the update.
Rob-F
Likes Leicas
Is it Aperture compatible?
Noserider
Christiaan Phleger
I don't know I've been stuck in the adobe universe wormhole with LR CC
Peter Jennings
Well-known
I've been using Aperture with High Sierra since it came out. No problems!
Chuck Albertson
Well-known
Wait! There's a bug in the patch!
https://www.theguardian.com/technol...haring-password-security-flaw-emergency-patch
https://www.theguardian.com/technol...haring-password-security-flaw-emergency-patch
Darthfeeble
But you can call me Steve
It ain't your father's Apple. Luckily, we don't use file sharing.