Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      TechCentral Nexus S0E2: South Africa’s digital battlefield

      16 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Beijing’s chip champions blacklisted by Taiwan

      16 June 2025

      The little-known company disrupting Eskom’s monopoly

      16 June 2025

      Chief sub-editor wanted – help shape South African tech media

      16 June 2025
    • World

      Yahoo tries to make its mail service relevant again

      13 June 2025

      Qualcomm shows off new chip for AI smart glasses

      11 June 2025

      Trump tariffs to dim 2025 smartphone shipments

      4 June 2025

      Shrimp Jesus and the AI ad invasion

      4 June 2025

      Apple slams EU rules as ‘flawed and costly’ in major legal pushback

      2 June 2025
    • In-depth

      Grok promised bias-free chat. Then came the edits

      2 June 2025

      Digital fortress: We go inside JB5, Teraco’s giant new AI-ready data centre

      30 May 2025

      Sam Altman and Jony Ive’s big bet to out-Apple Apple

      22 May 2025

      South Africa unveils big state digital reform programme

      12 May 2025

      Is this the end of Google Search as we know it?

      12 May 2025
    • TCS

      TechCentral Nexus S0E1: Starlink, BEE and a new leader at Vodacom

      8 June 2025

      TCS+ | The future of mobile money, with MTN’s Kagiso Mothibi

      6 June 2025

      TCS+ | AI is more than hype: Workday execs unpack real human impact

      4 June 2025

      TCS | Sentiv, and the story behind the buyout of Altron Nexus

      3 June 2025

      TCS | Signal restored: Unpacking the Blue Label and Cell C turnaround

      28 May 2025
    • Opinion

      Beyond the box: why IT distribution depends on real partnerships

      2 June 2025

      South Africa’s next crisis? Being offline in an AI-driven world

      2 June 2025

      Digital giants boost South African news media – and get blamed for it

      29 May 2025

      Solar panic? The truth about SSEG, fines and municipal rules

      14 April 2025

      Data protection must be crypto industry’s top priority

      9 April 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » News » Serious security flaw in new macOS software

    Serious security flaw in new macOS software

    By Agency Staff29 November 2017
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    Apple customers have discovered a significant security flaw in the latest version of the operating system for Mac computers that allows anyone to log in without a password, potentially making private user data vulnerable.

    The issue, discovered in the macOS High Sierra operating system for laptops and desktops that was released in September, allows people to enter the word “root” when prompted for a username, and provide no password when logging on to the device.

    The glitch allows anyone to access the file system for a Mac, exposing private documents on that particular computer. One user reported the ability to also access the computer using the root login remotely.

    A password prompt that authenticates as root with an empty password would be a black eye for any OS, never mind one from a security and privacy-conscious company such as Apple

    The glitch is a rare and potentially embarrassing failure for Apple, whose software is generally known for being less prone to hacking and malware infections than Windows software from Microsoft. The previous version of the operating system didn’t appear to be affected by the bug.

    “A password prompt that authenticates as root with an empty password would be a black eye for any OS, never mind one from a security and privacy-conscious company such as Apple,” Steve Troughton-Smith, a Mac software developer, wrote on Twitter.

    Apple spokesman Bill Evans said the company is “working on a software update to address this issue. In the meantime, setting a root password prevents unauthorised access to your Mac”.

    Tests of the flaw indicate that it could be used to alter a user’s system settings that normally require a chosen username and password. Some settings include changing key security preferences — like enabling or disabling a computer’s firewall or storage drive encryption.

    Fixing the problem

    The flaw was publicised on Tuesday on Twitter by Lemi Orhan Ergin, a software engineer based in Turkey. Edward Snowden, a key voice in the information security community after being the centre of many years of US National Security Agency leaks, commented on the disclosure. “Imagine a locked door, but if you just keep trying the handle, it says ‘oh well’ and lets you in without a key,” he wrote on Twitter.

    Until Apple releases a new version of the software or patches the flaw, users can fix the issue by assigning their own password to the root account. This can be done by navigating to System Preferences, selecting Users and Groups, clicking Login Options on the left side of the menu, clicking the Join button next to Network Account Server, clicking Open Directory Utility, then clicking Edit in the Mac’s menu bar to assign a password. Apple also has instructions available on its website.  — Reported by Mark Gurman, (c) 2017 Bloomberg LP



    Apple
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleBitcoin at $10 000: where it goes from here
    Next Article Datatec shareholders to receive R4.9bn in special dividend

    Related Posts

    10 red flags for Apple investors

    13 June 2025

    Qualcomm shows off new chip for AI smart glasses

    11 June 2025

    Apple throws shade, not code, as it falls behind in AI

    10 June 2025
    Company News

    Huawei Watch Fit 4 Series: smarter sensors, sharper design, stronger performance

    13 June 2025

    Change Logic and BankservAfrica set new benchmark with PayShap roll-out

    13 June 2025

    SAPHILA 2025 – transcending with purpose, connection and AI-powered vision

    13 June 2025
    Opinion

    Beyond the box: why IT distribution depends on real partnerships

    2 June 2025

    South Africa’s next crisis? Being offline in an AI-driven world

    2 June 2025

    Digital giants boost South African news media – and get blamed for it

    29 May 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.