The tech giant intended to plug a hole in High Sierra version 10.13 that would allow anyone with physical access, or remote access through a software client, to bypass security screens and grant themselves admin privileges, simply by typinig in "root" as their username and leaving the password field blank.Īpple issued the patch almost immediately last week, but once updated, users began to notice they could no longer authorise their connections to their file-sharing client, which is used by both personal and business users. : Apple's password bug returns on High Sierra updateĪpple's patch to address a serious password bug on macOS High Sierra may not have fixed the original problem, with the flaw reappearing for some users. Version 10.13.2 is available through the "Updates" section of the App Store app. : Apple has released a new update to its High Sierra operating system that offers a permanent fix to the widely reported root password bug and several other improvements to security and enterprise features.Īs with any update, it's worth backing up your data before you install it. The major problem for users who can install the patch, however, is it will cause declines in performance for the affected machines by as much as 30%. This could present a particular problem for owners of older hardware that doesn't support macOS High Sierra.
If left unpatched, the bug allows normal user programs, such as database applications and JavaScript in web browsers, to distinguish some of the layout or contents of protected kernel memory areas of the chips. The vulnerability allegedly affects all systems running Intel x86 chips and is present across all popular operating systems, including Windows, Linux, and macOS, but is currently under embargo, meaning the full details of the bug are yet to be officially announced. Nevertheless, the chip design flaw shouldn't be taken lightly.
0 kommentar(er)
