Apple MacOS bug allows anyone to get access to your computer – but here's how to fix it
The fix is a little complicated – but required if you think there's any chance someone might want to read your private information
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A huge Mac bug makes every Apple computer in the world vulnerable – but there’s an easy fix.
The update emerged overnight but has been discussed in some circles for weeks. That means that it’s likely anyone trying to break into your computer is aware of it, making it doubly important to make sure you guard against it.
Thankfully both Apple and external security experts have shared information on how to fix the problem, which is clear but a little complicated. Further information on the major hack can be found here.
Almost every Mac computer that is running High Sierra, the latest update to Apple’s operating system, is at risk – unless you’ve already done the workaround that stops the bug working.
Apple confirmed it is working on a fix that will come in a software update soon. But it shared a way of keeping computers safe in the meantime.
“We are working on a software update to address this issue,” it said in a statement. ”In the meantime, setting a root password prevents unauthorised access to your Mac. To enable the root user and set a password, please follow the instructions here: support.apple.com/en-us/HT204012. If a root user is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘change the root password’ section.”
External security experts have shared their concern that such a bug could break through. But they also endorsed the fix, and outlined one that is slightly quicker – though relies on slightly more advanced knowledge of how MacOS works.
“This is a very surprising bug that evaded the quality control on MacOS High Sierra,” said Tyler Moffitt, senior threat research analyst at Webroot. “Apparently, this also works on FileVault in the MacOS which makes this bug quite devastating. The good news is that as of right now, there is not any mention of malware that leverages this security flaw.
“We can expect Apple to quickly release a fix for this vulnerability. In the meantime, impacted users with admin access should type the following command from the terminal: ‘$ sudo passwd root’. After typing the command, the user should enter his/her password then create a new password for the root user.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments