Here's How to Temporarily Fix the macOS High Sierra Bug That Gives Full Admin Access to Your Mac Sans Password [Updated]

[canny]

Tim Cook has gradually reduced the testing and Q&A at Apple since taking over. I guess emojis and wearing halos are more important.

 

[simonmet]

Tim Cook has gradually reduced the testing and Q&A at Apple since taking over. I guess emojis and wearing halos are more important.

Do you know this? Extraordinary if true.

 

[canny]

Do you know this? Extraordinary if true.

Yeah. I know people who work at, and who have interviewed at Apple. Their QA and testing is very under-staffed and demoralised. Especially compared to the likes of Microsoft and Google.

Basically, Tim doesn’t care about the fundamental qualities that Apple once had. It’s just tech gimmicks and his own narcissism that matter.

This security issue is really a resigning issue for Cook. But I doubt anyone will even be fired. They’re so short-staffed that they couldn’t afford to lose anyone.

 

[creativecag]

This is such a fundamental and major security flaw, it's mind-blowing how it managed to get through Apple's QA

A critical vulnerability that allows root access to all macs with a single click. We'd be laughing at Microsoft if this had occurred with Windows

Yes! I don’t like my alternatives but I’ve been displeased the past several years with their decisions on hardware and port inclusion, too.

I’m beginning to think their focus on diversity and SJW stuff is interfering with actual product quality. They need to refocus badly. This will surely cost them money and customers.

 

[mabhatter]

This is a screwup! I literally walked over to my locked Mac and signed on with the hack. Then immediately set a password on the account that seems to work now.

I think the flaw is that if you disable the account, it un-sets the password, and other account info, and turns the flaw back on.

How do I know if this was used remotely? My computer’s been sitting all day.

 

[canny]

This bug was apparently known a couple of weeks ago
https://forums.developer.apple.com/thread/79235

Look for:
“Enter username: root and leave the password empty.”

The guy answering the question thought it was a feature!

 

[Sandstorm]

It just works.

Just another logical effect from the lack of focus and total neglect of the Mac under Tim Cook.

 

[J_walker]

Laptop? How about all the schools and Universities that use iMacs with admin accounts? This is a HUGE flaw and shouldn’t be downplayed.

That's why most schools, universities and workplaces don't upgrade software until its been out for a year or so

 

[jayducharme]

My Mac is set so that the login screen is a list of users, not a name/password field. Is that still a problem?

 

[TMRJIJ]

Heck No!!! This needs to be fixed next beta

Unbelievable. This is not Steve’s Apple.

Steve’s Apple deleted all your user data when you logged into the guest account (OS X 10.6.2 bug)
[doublepost=1511914942][/doublepost]

Laptop? How about all the schools and Universities that use iMacs with admin accounts? This is a HUGE flaw and shouldn’t be downplayed.

Most schools and universities keep older OS until the newer ones are finished development. As of now, they’re probably using macOS El Captain and Windows 7 still.

 

[Rambus]

This is done by design to help out FBI, foil IS & save lives. Let's focus on things that matter in our daily lives - Face IDs & Animojis

 

[RedCrowCDC]

Even After resetting password, and disabling the root account, the flaw still allows root to go thru with no password

 

[Sefstah]

Heck No!!! This needs to be fixed next beta


Steve’s Apple deleted all your user data when you logged into the guest account (OS X 10.6.2 bug)
[doublepost=1511914942][/doublepost]
Most schools and universities keep older OS until the newer ones are finished development. As of now, they’re probably using macOS El Captain and Windows 7 still.

That’s your excuse, really?

That's why most schools, universities and workplaces don't upgrade software until its been out for a year or so

Oh cool, well too bad for the rest of the world then. Right?! WRONG
[doublepost=1511917162][/doublepost]

Heck No!!! This needs to be fixed next beta


Steve’s Apple deleted all your user data when you logged into the guest account (OS X 10.6.2 bug)
[doublepost=1511914942][/doublepost]
Most schools and universities keep older OS until the newer ones are finished development. As of now, they’re probably using macOS El Captain and Windows 7 still.[/

That's why most schools, universities and workplaces don't upgrade software until its been out for a year or so

Source?
Btw, this is a horrible excuse and doesn’t make anything better.

 

[TMRJIJ]

That’s your excuse, really?

Oh cool, well too bad for the rest of the world then. Right?! WRONG
[doublepost=1511917162][/doublepost]

I made no excuse. I just corrected you on inaccurate information.

 

[CrzyP]

Is this related to the rogue guest account on my login screen?

 

[winston1236]

Or, you know, don't leave your laptop sitting around unlocked. As more or less 100% of your critical info is under your user account anyway, probably even in the easy to find Documents folder, it's almost useless to spend time (as a theif) monkeying with root accounts. Just yoink what you need directly. Creating a root password (as a theif) presumes future access to the Mac, in which case it's been lifted already, and there are ways to get at your info, anyway, if it's unencrypted, as most Macs are.

Pretty dumb flaw, yes, but you deserve what you get if you leave your unattended, unlocked laptop lying around where people can physically get at it in the first place.

Yeah! Stupid victims! It's their fault! /S

 

[mikegem]

Is it known whether this bug exists in Sierra as well?

 

[delnerdo]

Is this related to the rogue guest account on my login screen?

nope. that’s to help locate a stolen mac, via “find my mac”.

 

[macuser1232]

Or, you know, don't leave your laptop sitting around unlocked. As more or less 100% of your critical info is under your user account anyway, probably even in the easy to find Documents folder, it's almost useless to spend time (as a theif) monkeying with root accounts. Just yoink what you need directly. Creating a root password (as a theif) presumes future access to the Mac, in which case it's been lifted already, and there are ways to get at your info, anyway, if it's unencrypted, as most Macs are.

Pretty dumb flaw, yes, but you deserve what you get if you leave your unattended, unlocked laptop lying around where people can physically get at it in the first place.

I'm pretty sure you could take advantage of this bug remotely via SSH as well.

 

[Vulkan]

fyi: tested and pushed the following one-liner to all our high sierra macs and can confirm the exploit no longer works:

dscl . passwd /users/root "$(env LC_CTYPE=C tr -dc 'A-Za-z0-9_\ \!\@\#\$\%\^\&\*\(\)-+=' < /dev/urandom | head -c 32)"

in case anyone is here looking for a fix

 

[delnerdo]

Linus would never let this happen.

 

[PickUrPoison]

Linus would never let this happen.

You mean this exact bug or a privilege escalation bug?

Or maybe you’re just being sarcastic lol

 

[Sasparilla]

Love this site putting this up. Mac Rumors rocks.

 

[gertruded]

This bug was apparently known a couple of weeks ago
https://forums.developer.apple.com/thread/79235

Look for:
“Enter username: root and leave the password empty.”

The guy answering the question thought it was a feature!

That is wild. The bug was described in developer notes in Apple's posesson. But who cares, iPhones are selling very well.

 

[Westside guy]

A critical vulnerability that allows root access to all macs with a single click. We'd be laughing at Microsoft if this had occurred with Windows

Actually, this basically did happen with Windows, more than a decade ago. It used to be the case that the local “Administrator” account was created without a password by default.