xi's moments
Home | Technology

Apple's MacOS security bug likely to invite easy system hacking

Xinhua | Updated: 2017-11-29 16:30

SAN FRANCISCO — A Turkish software developer announced Tuesday that he has found a severe security bug in Apple's new Mac operating system (MacOS) that would allow anyone to gain full administrator control of a computer without entering a password.

"Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?" the Turkish developer Lemi Orhan Ergin tweeted.

Because of the bug, Ergin found that anyone can gain unauthorized access into a Mac running MacOS High Sierra, its most recent version, by logging in as "root" for username and clicking on the login button a few times with an empty password.

Other Apple users have also reported on social media the existence of the bug, which was said to be able to work remotely through third-party software called VNC and Apple-owned Remote Desktop software.

Apple responded to Ergin's security alert Tuesday afternoon by replying a tweet to Ergin.

"Thanks for reaching out. Send us a DM, and we'll look further into this with you," Apple's customer support division tweeted.

Apple issued a statement saying it is working on a software update for the bug.

The IT company also advised its MacOS user to set a root password to prevent unauthorized access to their Mac.

"If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the 'Change the root password' section," Apple suggested.

Global Edition
BACK TO THE TOP
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349