Overclock.net banner

[Twitter] Huge security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times.

2621 26
Quote:
Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
Source

I haven't believed for the first time, but it's confirmed by many users. WTH Apple???
headscratch.gif


And the root account can also be used to log into the vulnerable machine remotely.

Source
21 - 27 of 27 Posts

· Registered
Joined
·
651 Posts
Quote:
Originally Posted by Liranan View Post

A few years ago it was found out that Macs could, indeed, be infected with viruses and malware. Apple, in their great wisdom, decided to advise their users not to install AV's and patched OSX in such a way it was impossible to do so as they took up unnecessary and pointless resources. Not long after they had to admit that their OS wasn't as safe as they claim and started advising their users to install AV's anyway.

Most Mac owners I know all run Windows on their machines as none of them want to touch MacOS with a mile long pole (three feet is certainly not long enough). Personally I would install Linux as Linux is superior in every way (Android excluded).
Fake news. I've run McAfee on my macs for years. There's never been a time in the past 15 years that I couldn't install an anti virus on my macs.

 

· Registered
Joined
·
1,596 Posts
I can confirm 100% That’s never been the case.
 

· Registered
Joined
·
735 Posts
OCN Apple hate or not, does anyone have any hint on why this happened? Which system running in which ring has access to root privilege and leaks it without a proper security challenge? This looks like an architectural issue that just happens to be exposed via the worst UI element possible.
Quote:
Originally Posted by PostalTwinkie View Post

Why was this moved from news to the Mac sub-forum? Mods trying to keep Apple related issues buried?

I fail to see how news of a Mac security issue doesn't belong in the news section. Even more so with the update of it being patched out!
It's a surprising move indeed, but one could argue that moving this thread into the Mac section gives it more exposure to Mac users, who is likely at risk and needs to follow the instructions to migrate it.
 

· Politically incorrect
Joined
·
9,226 Posts
Quote:
Originally Posted by MedRed View Post

Quote:
Originally Posted by Liranan View Post

A few years ago it was found out that Macs could, indeed, be infected with viruses and malware. Apple, in their great wisdom, decided to advise their users not to install AV's and patched OSX in such a way it was impossible to do so as they took up unnecessary and pointless resources. Not long after they had to admit that their OS wasn't as safe as they claim and started advising their users to install AV's anyway.

Most Mac owners I know all run Windows on their machines as none of them want to touch MacOS with a mile long pole (three feet is certainly not long enough). Personally I would install Linux as Linux is superior in every way (Android excluded).
Fake news. I've run McAfee on my macs for years. There's never been a time in the past 15 years that I couldn't install an anti virus on my macs.

I never said they can't run AV's, I said Apple were recommending their users not to.

The only fake news here is that you totally misunderstood my post.
 

· Registered
Joined
·
651 Posts
Quote:
Originally Posted by Liranan View Post

I never said they can't run AV's, I said Apple were recommending their users not to.

The only fake news here is that you totally misunderstood my post.
1)
Quote:
Apple, in their great wisdom, decided to advise their users not to install AV's and patched OSX in such a way it was impossible to do so as they took up unnecessary and pointless resources. Not long after they had to admit that their OS wasn't as safe as they claim and started advising their users to install AV's anyway.
You did say they patched OSX to make it impossible to install an AV. That is FAKE NEWS

2) You said Apple was recommending users not to use an AV. Please explain why Apple encouraged users in 2007 to USE AV's and referenced their stance from 2002 also encouraging users to use AV's.
https://www.cnet.com/news/apple-suggests-mac-users-install-antivirus-software/

You made something up and then tried to backtrack. We get it, you don't like Apple, but fact checking will get you everytime. cheers.
 

· Politically incorrect
Joined
·
9,226 Posts
You are right, that was a slight mistake. I stand by what I said about Apple.
 
21 - 27 of 27 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top