Apple Mac OS High Sierra Vulnerability Grants Admin Access Without a Password

The vulnerability gives admin access without a password through repeatedly clicking the login button. This is a serious security flaw not only because of that level of access, but also due to the simplicity of its execution. Affected users should apply the security updates when they’re available.

This security flaw also serves as a useful reference point for when intelligence agencies whine about needing “responsible” encryption (i.e. encryption with insecure backdoors). There are plenty of software flaws for intelligence agencies to take advantage of already.

There seems to be a major flaw in Apple’s macOS High Sierra operating system that allows anyone with physical access to a Mac to gain system administrator access without so much as entering a password.

The vulnerability was publicly disclosed on Twitter this afternoon; it’s not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered. (The company maintains an invite-only bug bounty program.) Despite its incredibly alarming simplicity, The Verge is not reproducing the steps to bypass High Sierra’s login screen here.

However, The Verge has been able to confirm the major security issue remains present as of MacOS 10.13.1, the current release of High Sierra. When the problem is exploited, the user is authenticated into a “System Administrator” account and is given full ability to view files and even reset or change passwords for pre-existing users on that machine. Apple ID email addresses tied to users on the Mac can be removed and altered, as well. There are likely many more ways that someone taking advantage of the issue could wreak havoc on a Mac desktop or laptop.

The level of unbridled access this security hole permits — and it abruptly being made public — will almost certainly prompt Apple to move fast in releasing an update for its Mac operating system.

Until that happens, the best way to protect your Mac against the issue reported today is by ensuring that you’ve set a root password. To do that, go to System Preferences > Users & Groups > Login Options > Join > Open Directory Utility > Edit. Enable the Root User if you haven’t already and then choose Change Root Password.

Flaw in WPA2 Wifi Protocol Potentially Allows Attackers to Steal Passwords and Other Sensitive Information

The advice I have is to update your operating system when the related security updates are available, which should either be now or soon enough. People may also want to consider updating their routers.

It’s interesting that this flaw in the common WPA2 protocol has been around for over a decade and is only now receiving a lot of attention. There are probably other vulnerabilities that are similar.

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of a vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time. A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against devices running Android, Linux, and OpenBSD, and to a lesser extent macOS and Windows, as well as MediaTek, Linksys, and other types of devices. The site warned that attackers can exploit the flaw to decrypt a wealth of sensitive data that’s normally encrypted by the nearly ubiquitous Wi-Fi encryption protocol.

“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” researcher Mathy Vanhoef, of the Katholieke Universiteit Leuven in Belgium wrote. “The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”