The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,311 other followers

Objective-See: the Mac OS X / MacOS / Mac OS 10 root password issue tracked down

Posted by jpluimers on 2017/11/29

[WayBackObjective-See: tracking down the cause a serious authentication flaw in Mac OS X / MacOS / Mac OS 10: resetting the root password by just clicking OK.

Via: [WayBack] How the MacOS High Sierra ##IAmRoot bug actually works. ##insightful … TL;DR the return value of the verify password function is interpreted wrong. Fix looks trivial. But this IS a serious bug. – Jan Wildeboer – Google+

Note the bug was already revealed two weeks ago: [WayBack] … after updating to High Sierra, the two admin accounts on this machine are all of a sudden standard accounts …

Via: [Archive.is] Mike Myers‏ @fristle: Perhaps nobody noticed two weeks ago when the root login vulnerability in macOS High Sierra was shared as a helpful tip on Apple’s own Developer forums. https://forums.developer.apple.com/thread/79235

The bug has already been fixed: [WayBack] About the security content of Security Update 2017-001 – Apple Support

Via: [WayBack] That was reasonably fast! ##Apple has released the fix for the embarrassing ##IAmRoot bug. https://support.apple.com/en-us/HT208315 – Jan Wildeboer – Google+

–jeroen

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: