Note that these instructions don't tell you to disable the root account. They mention HOW to disable it, if and when you want to, but advise you not to until the bug is fixed.

If there's a flaw in the procedure to disable the root user, then let's hope Apple fixes that too.

I enabled the root user to see the problem and was able to log in as root with a blank password. But then I set a new root password and disabled the root user. It does not let me log in as root when the root user is disabled with either the blank password or the new password.
 
This is such a fundamental and major security flaw, it's mind-blowing how it managed to get through Apple's QA

A critical vulnerability that allows root access to all macs with a single click. We'd be laughing at Microsoft if this had occurred with Windows

99% of PCs don’t even have a password, it means it is like all PCs have always had this bug
 
These days every release has to fix the **** of the last one, with no stable release in sight. Where exactly went those guys who did QA for Snow Leopard? No wonder they put insane amounts of money in marketing these days, they have to cover up their mess all the same.
 
These days every release has to fix the **** of the last one, with no stable release in sight. Where exactly went those guys who did QA for Snow Leopard? No wonder they put insane amounts of money in marketing these days, they have to cover up their mess all the same.
Welcome to pretty much any software, especially as complex as an OS.
 
Finally found a good reason for not upgrading to HS on my tower Mac Pro! Although I can’t anyway ‘cos HS won’t install onto RAID... APPLE WTF IS GOING ON!
 
Or, you know, don't leave your laptop sitting around unlocked. As more or less 100% of your critical info is under your user account anyway, probably even in the easy to find Documents folder, it's almost useless to spend time (as a thief) monkeying with root accounts. Just yoink what you need directly. Creating a root password (as a thief) presumes future access to the Mac, in which case it's been lifted already, and there are ways to get at your info, anyway, if it's unencrypted, as most Macs are.

Pretty dumb flaw, yes, but you deserve what you get if you leave your unattended, unlocked laptop lying around where people can physically get at it in the first place.
Corporate Macs? All 2 of them (yes, I know IBM uses more)
 
I haven’t booted my MBP in weeks lol..it will probably remain off until the fix is released. Feel bad for others who truly rely on their machines daily.

I only use mine now to back up my idevices via iTunes
 
You can just change the root password using Terminal, sudo su, enter your user's password, you have root access now, do a passwd root and change the password. Same thing as using the Users utility from Settings but way faster
 
Any way of knowing your Mac has been "visited" or compromised?

A quick way is to run "last" command on the Terminal. Although, if you've been "visited", most probably that log has been cleared as well. So maybe not ... you can always do a fresh install if you are being paranoid :)
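
An added example, not part of any post in this thread: a small filter for the output of `last` that lists root sessions and reports how far back the log reaches, since a short or freshly started log is itself a sign that the record may have been cleared. The sample lines, the user names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the layout printed by `last`; not real log data.
sample_last() {
cat <<'EOF'
alice     console                   Tue Nov 28 09:12   still logged in
root      console                   Tue Nov 28 14:03 - 14:10  (00:07)
alice     ttys000                   Tue Nov 28 09:15 - 09:20  (00:05)
reboot    ~                         Tue Nov 28 09:10
rootbeer  ttys001                   Mon Nov 27 22:00 - 22:01  (00:01)

wtmp begins Mon Nov 27 21:55
EOF
}

# Print only sessions whose user field is exactly "root"
# (a hypothetical user such as "rootbeer" must not match).
root_sessions() {
    awk '$1 == "root"'
}

# Print the trailer line that says when the log starts.
log_coverage() {
    awk '$2 == "begins"'
}

# Read `last` output on stdin and summarise root sessions plus log coverage.
summarise() {
    input=$(cat)
    count=$(printf '%s\n' "$input" | root_sessions | wc -l | tr -d ' ')
    since=$(printf '%s\n' "$input" | log_coverage)
    printf 'root sessions: %s (%s)\n' "$count" "${since:-log start unknown}"
}

# On a live system: last | summarise
sample_last | summarise
```

A count of zero only means no root session is recorded since the date shown; it says nothing about the period before the log begins.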
 
By default, on MacOSX remote access is disabled (like ssh, remote desktop etc). That being said, unless you have enabled and allowed any type of remote connections to your computer, this bug works locally. So if someone has used your mac then that someone had physical access to your computer.
 
My faith in Apple diminishes with every new flaw. Everyday they get one step closer to the level of Microsoft and their vulnerabilities.

99% of PCs don’t even have a password, it means it is like all PCs have always had this bug

I don’t think either of these statements are accurate for MS or its users anymore. Also, consider MS serves a wider user base over more diverse hardware, they actually do a pretty good job these days.

I haven’t booted my MBP in weeks lol..it will probably remain off until the fix is released. Feel bad for others who truly rely on their machines daily.

I only use mine now to back up my idevices via iTunes
Do you have your guest account disabled? If not, then a user can login as guest and then root.
 
Yes, it is always the users’ fault.

I’m pretty sure software/hardware companies only need to test their products the correct way they are supposed to be used.
Not so. It also needs testing in ways it's NOT supposed to be used ...as that's usually how these hacks occur.
 
I don’t think either of these statements are accurate for MS or its users anymore. Also, consider MS serves a wider user base over more diverse hardware, they actually do a pretty good job these days.


Do you have your guest account disabled? If not, then a user can login as guest and then root.

I totally agree Microsoft has stepped it up. My comment was more geared towards Microsoft over time. They used to get a lot of complaints but have improved. Apple appears to be going the other way.
 
My MBP doesn’t leave my house. So someone would have to break in and steal it.
It happened to me once. It’s certainly not that likely to happen, but if you had valuable data on it and such a thing did happen, you’re more at risk. Granted, most thieves don’t seem to care about your data, just your goods. Best that I can tell, the burglar that stole my laptop never did a thing with my personal data, which is fortunate. It certainly made me rethink data security, though. After such an event, it’s hard to recall all your accounts that may need to be changed.
 
For steps 4 and 8, you can also just enter user "root" and exploit the bug you're about to shut down... :D
 
You didn’t correct anything. You just assumed schools and universities don’t update their OS. As if that’s supposed to fix the topic at hand.
I never said it would fix the topic at hand. You just assumed that.
Also, yes, many schools and universities don’t update their OS. They’ll keep to the most usable and easily controlled OS to limit issues for the students and facility.
 