Mac OS High Sierra Bug

We have all heard about the big blunder Apple with the security in Mac OS High Sierra (10.13). Let's take a deep breath and chill for a minute before running around as if our hair is on fire.

What is root access?


Root is the superuser on an operating system that has access to everything on that machine.  By default, its turned off and should stay that way unless you have an exceptional need for it and know what you are doing.

The bug:


Someone figured out that its easy to enable root access from the login screen. This should never have passed Apple's Q&A process. This bug only applies to Mac's running MacOS High Sierra (10.13) and is only possible with physical access to your computer and not via the internet.

Bug disclosure:


Responsible researchers disclose their findings first to the software developers and give them time to fix the bug before going public. This "researcher" found it necessary to seek sensation and plaster it all over the internet which is having a field day with it. Meantime raking in tons of advertising dollars.

directory_utility.jpg

The Fix:

  1. Chill and wait for Apple apple to send a software update
  2. Follow these instructions below for a temporary fix

Create a Root account to prevent an unauthorized person from making one. Once Apple sends the software update to resolve this problem, I strongly recommend to disable root access again.

  1. Open spotlight
  2. Search for Directory Utility and open it
  3. Unlock the window
  4. Enable Root User in the Edit Menu
  5. Set a very strong password and make sure not to lose it!