Apple has a bug bounty program where it pays researchers for discovering unknown security bugs. The user who tweeted it is already facing criticism from those who believe he failed to give a “responsible disclosure,” or when a security researcher agrees to give the affected company time to fix its error before posting about it publicly. It’s not clear if Apple was made aware of the problem before it was publicly disclosed. The Daily Dot confirmed the flaw using a 2016 13-inch MacBook Pro. Multiple publications have successfully exploited the vulnerability using other Apple laptops, including the MacBook Air and MacBook. You can log in as root even after the machi was rebooted /fTHZ7nkcUp- Amit Serper November 28, 2017 RESET ADMIN PASSWORD MAC OS SIERRA HOW TOYou can see how to exploit works in the video below. The computer then creates a new “other” user, which has the credentials to access and alter just about any setting and file on the computer. Eventually, the password protection fails and grants the intruder admin privileges. All someone needs to do is change “username” to “root,” leave the password blank, and press the “unlock” button multiple times. RESET ADMIN PASSWORD MAC OS SIERRA SOFTWAREWhat makes this flaw different-and much more alarming than anything we’ve seen in recent years-is that it can be exploited by anyone, not just hackers or software developers. Are you aware of it Lemi Orhan Ergin November 28, 2017 Anyone can login as "root" with empty password after clicking on login button several times. It even gives them the ability to reset and change passwords.ĭear we noticed a *HUGE* security issue at MacOS High Sierra. Publicly posted to Twitter by Turkish software developer Lemi Orhan Ergin, the dangerous vulnerability lets anyone using a Mac running macOS 10.13 High Sierra get authenticated into a “System Administrator” account, giving them access to all sorts of private files. A critical security flaw in Apple’s latest version of macOS grants intruders access to your computer’s settings and data without needing a password.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |