A Turkish developer has found an easy way to circumvent password protection in Macintosh computers.
(CCM) — A massive security bug has been discovered in macOS High Sierra, the latest version of Apple's operating system for its Macintosh desktop and laptop computers, according to a BBC report.
The software flaw makes it easy for anyone to access a computer running High Sierra by bypassing any security password that has been set by a user. More importantly, it also makes it easy for anyone to assume administrator privileges on the computer by providing root access. Users with root access can add and remove accounts on the computer, install malicious software including key loggers, and change or delete data and crucial system files which the computer requires in order to run properly.
To gain root access to a computer running the affected software, all that is necessary is to log on to the computer using the username "root" and leaving the password field empty, and then pressing "enter" several times.
The security flaw was discovered by Lemi Ergin, a Turkish software developer. He has faced criticism for revealing the flaw without first notifying Apple and providing the company with a reasonable amount of time to produce and test a fix, as responsible disclosure guidelines dictate.
Apple is working furiously to develop a fix for the problem, and in the meantime it recommends that users set a password for the root account.
Image: © Pixabay.