It seems that Apple has inadvertently left open a major security flaw in its latest version of macOS High Sierra, which was originally introduced at WWDC conference earlier this year. The Cupertino-based tech giant was quite in a rush to release an emergency patch.
Apple has released a Security update for macOS High Sierra. The update fixes serious concerns of vulnerability that allowed anyone to log into a Mac without entering the password.
A few days ago, it was discovered anyone could access locked settings on a Mac using the username ‘root,’ which doesn't need a password and subsequently unlock the computer.
The huge security flaw was disclosed in an Apple developer support forum by a user on Twitter. "Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can log in as ‘root’ with empty password after clicking on login button several times. Are you aware of it @Apple?" the user tweeted.
The company began working on an update to close the security loophole after hearing of the issue on November 29, to which Apple said that it has now patched that security flaw, along with a guide on how to fix it.
“We greatly regret this error and we apologise to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again,” the company said.
