bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

sponsorType

urlAlias

moreOnThisArticles

commentCount

authorLocations

authors

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

Tribune News Service

Apple is preparing a fix for a bug that can let an intruder infiltrate Macs running the latest version of the operating system software, MacOS High Sierra.
The bug, made public on Twitter on Tuesday by Turkish software developer Lemi Orhan Ergin, revealed that anyone can log into a Mac or adjust settings on the computer by entering the login name “root” and clicking enter, no password needed.

Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017

<![CDATA[// ><!]]>

The person would need physical access to the computer as the login cannot be done remotely.
USA TODAY confirmed the vulnerability on a late 2013 MacBook Pro running MacOS 10.13.1 and a late 2015 iMac running the same software. The bug unlocks the safeguards that prevent changes in “System Preferences” on the machine as well letting someone log into the Mac from the lock screen by simply going to the “other user” tab.
Apple said the fix would come in a future software update. In the meantime, the company recommends users follow steps outlined on its support page to disable root user access.

“We are working on a software update to address this issue,” the company said in a statement provided to USA TODAY. “In the meantime, setting a root password prevents unauthorised access to your Mac. Instructions on how to enable the root user and set a password are on Apple ... If a root user is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘change the root password’ section.”
In following Apple’s steps, USA TODAY was able to disable the “root user” access.
Apple did not immediately respond to a question as to when users might expect to see a software update.
The latest bug poses plenty of risks. By giving anyone administrator access, they would have unfiltered access to files as well as the ability to delete data, change your password or even lock users out of the computer. The security flaw also would allow someone to make changes remotely as long as they were connected to the vulnerable computer.

Apple’s new AirTag tracker is louder, better connected, but is it worth upgrading?

Meet Florence Hunt, who plays Hyacinth Bridgerton and just became a Dior muse

‘Optimus chain’: Chinese suppliers form the backbone of Tesla’s humanoid robot initiative

China gives Apple ‘best iPhone quarter in history’ with 38% revenue growth

Apple

Login bug leaves big hole in Apple Mac computer security

An iMac running MacOS High Sierra. Photo: Shutterstock

shutterstock_712241977.jpg This shutterstock shot of Alushta, Russia - June 8, 2017: Backgrounds MacOS High Sierra in the screen of MacBook Pro. MacBookPro was created and developed by the Apple inc. Photo: SHUTTERSTOCK