contador web Saltar al contenido

A serious flaw in macOS allows anyone to log in as the root user; know how to protect yourself! [atualizado 2x]

I honestly don't know how some people discover certain flaws in other people's operating systems. But the truth is that the method used to discover vulnerabilities is not the central point of this article, but the failure in question.

Well, the developer Lemi Orhan Ergin found a serious flaw in macOS put his mouth on the trombone:

Dear @AppleSupport, we noticed a * huge * security issue on macOS High Sierra. Anyone can login as "root" with a blank password after clicking the login button several times. Are you aware of this, @Apple?

You can access it by going to System Preferences Users and Groups and clicking on the lock padlock to make changes. Then use ?root? without a password. And try it many times. The result is unbelievable!

MacOS serious crash

I explain: even without knowing the password of the user macOS is running on, you can, due to the failure, authenticate some sensitive operation of the system or even change important information in the System Preferences Users and Groups.

Worse than that: the vulnerability allows an intentional person to log in to any Mac account. That is, turn on someone's Mac, write root in the user's name, leave the password blank and try to log in until in this case, apparently only on Macs that have the option ?Name and password? checked, as shown in the image below:

MacOS serious crash

We made a video showing how everything works:

I do not doubt that Apple anticipates the release of the final version of macOS High Sierra 10.13.2 because of that

How to protect yourself now!

There is, however, a way for you to protect yourself from this loophole now.

I tried to reproduce the root login bug without a password on three different machines and it failed. It turns out that I always set a root password on Macs.

As the developer Paul Haddad informed, just have a root user password set to be protected. And making it very simple, as this Apple support article teaches.

How to create a password for the root user:

  1. Select menu Apple () System Preferences and click on "Users and Groups";
  2. Click on the lock icon and enter the administrator name and password;
  3. Click on "Start Options".
  4. Click "Connect".
  5. Click on ?Open Directory Utility?.
  6. Click on the lock icon in the ?Directory Utility? window and enter the administrator name and password (or authenticate via Touch ID).
  7. From the menu bar in the Directory Utility, select Edit Activate Root User / Change Root Password and enter the password you want to use for the root user.

There, creating a password for the root user will be protected.

· ? ·

In addition, here's the tip from the Brazilian developer Guilherme Rambo:

If you happen to encounter a security issue with any product, contact the company's security contact and report it directly to them. Apple's security@apple.com

For the sake of users, report the problem to the company before sharing it with the world. You can still earn a little money with this. ?

Update 11/28/2017 s 22:36

Here is the statement that Apple has given to some vehicles, including the The Loop:

We are working on a software update to resolve this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the root user and set a password, follow the instructions here: https://support.apple.com/en-us/HT204012. If a root user is already enabled, to ensure that a blank password is not set, follow the instructions in the ?Change root password? section.

That is, exactly what we have indicated above.

Update II, by Rafael Fischmann Nov 29, 2017 at 14:40

The security flaw has already been fixed by Apple.