Question

Vulnerability 10.13 - Root

Forum|Forum|8 years ago
November 28, 2017
82 replies
368 views

+18

rderewianko
Honored Contributor

Since this is out there, and the original finder did not go through responsible disclosure. Figured i'd post it here so at least admins are aware.
https://twitter.com/lemiorhan/status/935578694541770752

Dear @AppleSupport, we noticed a HUGE security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?

This works on User & Admin accounts.

That being said, if you enable root and have a password on it. You're not affected. If you don't it'll enable root and create an account.

Enabling a root password however may cause you more tech debt down the line.

Show first post

1
2
3
4

Forum|pagination.label 4 / 4

T

+15

Taylor_Armstron
Valued Contributor
Forum|Forum|8 years ago
November 29, 2017

Read up, matin! ;) . (released at 8:00 this AM)

Like

S

+1

scharest
New Contributor
Forum|Forum|8 years ago
November 29, 2017

Anybody know a way to create a Smart Group to verify if the patch was installed on systems?

Like

+24

mm2270
Legendary Contributor
Forum|Forum|8 years ago
November 29, 2017

@scharest Per the Apple support article detailing the patch, the new OS build version will be "17B1002", so you can use the "Operating System Build" criteria to build a Smart Group that has build "17B1002" installed. That should group machines that have the patch applied.
If you want the reverse, i.e, machines running High Sierra but don't have the patch installed, use these: