On a Mac running High Sierra? Update now.

Apple
The Washington Post
By Hayley Tsukayama
Image courtesy of Apple

Apple issued a patch Wednesday to fix a major flaw that allowed people to gain deep access to computers running its latest operating system without the need for log-in credentials.

Reports of the flaw began circulating Tuesday after security researchers found the vulnerability. The researchers reported it was possible to gain access to a Mac — and its core settings — without having to use its owner’s username and password. Instead, a potential hacker could type “root” into the username field of key settings in the system preferences menu without entering the password.

Practically speaking, a hacker would need either physical access or remote access to a Mac to do damage. Many security researchers said this was a glaring oversight that Apple should have caught, particularly given its reputation for high standards and a reputation (rightfully or not) for better security than PCs.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s