The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,969 other subscribers

Objective-See: the Mac OS X / MacOS / Mac OS 10 root password issue tracked down

Posted by jpluimers on 2017/11/29

[WayBackObjective-See: tracking down the cause a serious authentication flaw in Mac OS X / MacOS / Mac OS 10: resetting the root password by just clicking OK.

Via: [WayBack] How the MacOS High Sierra ##IAmRoot bug actually works. ##insightful … TL;DR the return value of the verify password function is interpreted wrong. Fix looks trivial. But this IS a serious bug. – Jan Wildeboer – Google+

Note the bug was already revealed two weeks ago: [WayBack] … after updating to High Sierra, the two admin accounts on this machine are all of a sudden standard accounts …

Via: [] Mike Myers‏ @fristle: Perhaps nobody noticed two weeks ago when the root login vulnerability in macOS High Sierra was shared as a helpful tip on Apple’s own Developer forums.

The bug has already been fixed: [WayBack] About the security content of Security Update 2017-001 – Apple Support

Via: [WayBack] That was reasonably fast! ##Apple has released the fix for the embarrassing ##IAmRoot bug. – Jan Wildeboer – Google+





Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: