Colin Devroe

Reverse Engineer. Blogger.

macOS High Sierra security vulnerability

Dan Moren, reporting on this tweet from Lemi Orhan Ergin:

Unsurprisingly, that news has quickly rippled through the Apple community as many people—including yours truly—have verified the claim. You can test it for yourself by going to any locked System Preferences pane, trying to unlock it, and entering username rootwith no password. (The number of tries varied for me—sometimes it worked on the first attempt, but pretty much always by the second.)

Even though I’m starting to have small issues with Sierra I’m very, very happy I haven’t yet updated to High Sierra. This has been just about the worst release of macOS since I switched to the Mac on “Cheetah”.