INFORMATION SECURITY ALERT: RISK Medium - Mac OSX High Sierra 10.13 and Greater Vulnerability
By: Jeff Gardiner
Apple recently introduced its operating system “High Sierra”, which does not set a password by default for the highest-privilege account, “root”. As a consequence, there is a root login vulnerability in macOS High Sierra. Apple is aware of this, as the vulnerability was actually discussed on their Developer Forum (as a solution to another problem).
HOW IT AFFECTS US
Any machine running this operating system is fundamentally insecure: anyone who knows that the root password is not set can escalate privilege and effectively compromise the machine. That said, a person must have either direct access to the machine OR virtual desktop access. Western blocks Virtual Access technology, so in our environment (at least) the threat of network compromise is being managed.
PROBLEM SIMPLY EXPLAINED
No root (or Administrator) password means anyone can control the machine: installing software, key logging, copying screenshots, etc. Western Technology Service’s helpdesk has conducted tests and confirms that this exploit is as simple as logging in without a password. After trying this in System Preferences, Western staff were able to log in as root.
- Install Mac supplemental update: https://support.apple.com/en-ca/HT201222
- Set Root password: https://krebsonsecurity.com/2017/11/macos-high-sierra-users-change-root-password-now/
For additional details contact WTS helpdesk or firstname.lastname@example.org.