Mac High Sierra Serious Security Flaw

I’m sure you may have heard of this by now, but if you have Macs running High Sierra in your environments, please read.
Anyone can sign into a mac running MacOS High Sierra with the username “root” and no password if they click login a few times. I confirmed it on a friend’s mac a few minutes ago.
Official Apple statement as of now is to create a user with the username “root” and a secure password.
I’m sure it will be patched very soon but we have a few clients with macs and they may have some questions of they hear the news in the morning.

First post about the issues on Twitter by a developer:

Best article I found on it here:

Also, a lot of people saying it can’t be exploited remotely but more tweets showing video of that not being true:

2017-002 was also released.

This will auto install if you don’t do it yourself.

Yes sir. That is correct. Thanks Will!

Apple released an emergency update for this yesterday. You just want to make sure that it gets installed ASAP, and you should be good to go.

Yes, sir thanks Jeremy!

1 Like