Scary security issue...
https://twitter.com/lemiorhan/status/935578694541770752
I would expect a patch from Apple ASAP!
https://twitter.com/lemiorhan/status/935578694541770752
I would expect a patch from Apple ASAP!
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
macOS - Major Security Issue
- Thread starter ChaosAngel
- Start date
- Sort by reaction score
- Status
This only effects High Sierra, right? Tried it on 10.12 and doesn't seem to work... which is a good thing.
I'm a little confused why they posted this on Twitter, and not privately contact Apple about it.
I'm a little confused why they posted this on Twitter, and not privately contact Apple about it.
Wow, stupidly simple and it actually works! A second massive screwup in MacOS High Sierra from a company known for its security-conscious practices - what exactly is happening over there?
No patch needed. The system administrator at Software Craftsmanship Turkey needs patching.
Attempted bypass listed above on 4 iMacs and 2 MBPr15 running MacOS 10.13.1 with no vulnerability as presented.
I stand corrected. I replicated on a single iMac running 10.13.1. Once I restarted I could not replicate.
[doublepost=1511902815][/doublepost]
The good news is that after the first root bypass on the iMac27, I could not replicate after restarting.
[doublepost=1511903353][/doublepost]Now replicating on all Macs running 10.13.1
If you type in root and then hit enter, do not click the Unlock button; just press enter. It may take a couple of attempts.
[doublepost=1511903930][/doublepost]Could it be associated with the Ghost Guest user that appeared with High Sierra? On the MacbookPro I cleared the ghost guest with this terminal command:
I cannot use root to bypass on MBPr.
[doublepost=1511902815][/doublepost]
So far, I've attempted on nearly a dozen MBPr15 running 10.13.1 and a single iMac27 running 10.13.1. The iMac27 root bypassed the lock, I could turn on Guest user and enable shared accounts. Fortunately, you already have to 'in the system' to make this work. I have one more iMac locally to test and two more MBPr15. Be right back.
The good news is that after the first root bypass on the iMac27, I could not replicate after restarting.
[doublepost=1511903353][/doublepost]Now replicating on all Macs running 10.13.1
If you type in root and then hit enter, do not click the Unlock button; just press enter. It may take a couple of attempts.
[doublepost=1511903930][/doublepost]Could it be associated with the Ghost Guest user that appeared with High Sierra? On the MacbookPro I cleared the ghost guest with this terminal command:
Code:
sudo fdesetup remove -user GuestI cannot use root to bypass on MBPr.
Last edited:
Try removing the ghost guest root user account with either of the terminal commands:
Code:
dsenableroot -d
Code:
sudo fdesetup remove -user GuestSo probably nothing to do with Guest accounts.
Someone has to have access and be able to open System Preferences, yes (from any account, even the guest account). The bug is in the System Preferences authentication routine.
Not quite. I've logged into the 'ghost' guest account created on an iMac from our office. To see if you can duplicate:
- Restart Mac
- If you see 'Other' user, click on that
- Enter root
- Then press enter
You should now have root access to your mac. From there the user can do anything.
NOTE: If you do not see an 'Other' user, your mac should be safe.
Gay pride and unicorn animojis (but I repeat myself).
Basically, Apple has taken its eye off the ball. They're a software company first and have forgotten that basic fact.
I'm not going to run High Sierra anymore until this is fixed. This is really unacceptable, Apple!
[MOD NOTE]
Please join the discussion here: https://forums.macrumors.com/thread...-without-password-how-to-fix-updated.2091696/
Please join the discussion here: https://forums.macrumors.com/thread...-without-password-how-to-fix-updated.2091696/
- Status