Serious MacOS Bug Allows Anyone to Access Your Computer With a Blank Password
Regular updates are one of the best ways to keep your computer secure, but a glitch in a recent version of macOS High Sierra leaves users seriously vulnerable. As The Guardian reports, anyone can unlock a Mac that has the new software without typing the correct password.
The gaping security hole was first shared in an Apple developer support forum. To take advantage of it, hackers must first go to a computer’s System Preferences page. If they click the lock icon, from there they’re taken to a separate login window. Typing "root" in the username field and leaving the password blank then allows the hackers to set up their own account after clicking the unlock button a few times.
You don't have to be a tech wizard to gain access to a computer this way. As long as someone knows the secret, they can infiltrate a Mac's sensitive data, whether through the lock screen, the unlocked desktop, or even remotely through screen-sharing services.
If you think your computer may be at risk, don't trigger the bug yourself just to check if it's there: According to security experts, activating it once will only make it easier for outside parties to go down the same path. The best move is to eliminate the issue as quickly as possible. Luckily, Apple released a security update that solves the issue on Wednesday, November 29. To enable it, go to the App Store, click Updates, press Command-R to see the newest updates, and select the option labeled Security Update to install it.
[h/t The Guardian]