macOS High Sierra users warn yourself, there is a root login security bug lurking in the boot login screen that compromises the security of your computer with root access. The blog provides tried and tested solutions to fix this issue. To know, read on.
There is a bug in High Sierra that allows anyone to bypass root login just by clicking other on the login screen, typing root, and then clicking on unlock twice without the need for password authentication. This is a major security vulnerability, and attackers could compromise Mac security and data. If Mac data has been deleted by an unauthorized person using the flaw, users are recommended to use a Mac data recovery software to recover the lost data.
In case your Mac is running on macOS High Sierra 10.13.1, certainly, you are vulnerable to this flaw. Apple has released a fix within 24 hours after its revelation. Just install the Security Update 2017-001. To install the fix, go through the following steps:
Go to Apple menu, then click on App Store
Click the Updates tab to find Security Update 2017-001
Click the UPDATE button on the screen showing Security Update
The update immediately applies to the Directory Utility application in macOS. You do not need to reboot your Mac for security update changes to take effect. After the update, your macOS High Sierra possesses the build number 17B1002. The bug is not impacted on macOS Sierra 10.12.6 and earlier, so these users do not need to fear.
Looking at the seriousness of the vulnerability, Apple has started pushing the update automatically. To check whether the update is present on your Mac, just go through the following steps:
Go to Apple menu, then click on About This Mac
Under macOS High Sierra, click the Version text
Build number appears beside version, verify the same
Alternately, use Terminal and type sw_vers
If your version is prior to 17B1002, then you need to manually install the fix as discussed above. If your version is the same or subsequent to 17B1002 then you are safe.
Stay safe and create a root password to stop any unauthorized access either through Directory Utility or via Terminal as explained in the succeeding section:
To change root password using Directory Utility:
Go to Spotlight, type Directory Utility to search, and hit return
Under Directory Utility, click the lock icon for editing
Click Edit from the menu bar and select Change Root Password
Click OK after entering a password and verifying the same
Close Directory Utility
If Root User account is disabled, then enable the same from Edit and set password
To change root password using the command line:
Use Terminal and type sudo passwd root
Authenticate using the admin password and hit return
Type a new password and hit return
Type the password again to confirm and hit return
Once your password for root is changed, the security vulnerability present in macOS High Sierra will not affect you, as now no one can access root without entering the password. Furthermore, it is advisable to create a strong password.
In the event of data loss due to your Mac system security breach, you can use Stellar Mac Data Recovery – Professional to recover your lost data. The steps to perform the recovery process is as follows:
Step 1. Download, install and launch the software on your Mac
Step 2. Use the software’s interface to recover your lost data
Step 3. Save the recovered data in an external storage device to avoid overwriting
The blog points out a serious security vulnerability in macOS High Sierra in which anyone can access Mac machine from login screen using root and no password. The blog provides few tips to fix and stop the root access. If your system is compromised and data is intentionally deleted, you can positively recover through Stellar Mac Data Recovery – Professional. The software is powerful enough to handle any kind of logical failure to access your data.
Vishal is a data recovery expert @Stellar. He addresses data loss scenarios on a Mac. He intends to help people solve their macOS problems. Besides, Vishal prefers to read autobiographies, and his personal favorite is of Steve Jobs.