Big Apple Flaw Allows Root Access to Macs without Password

Published: 22/11/2024   Category: security




Vulnerability affects machines running High Sierra operating system.



Mac users and administrators need to be on the lookout for compromised machines after a security researcher disclosed late yesterday a big flaw in Apple's macOS High Sierra platform that allows for password-less logins to root accounts.
Publicly disclosed by software engineer Lemi Orhan Ergin via Twitter, the flaw allows someone with physical access to the machine to log in as root by leaving the password field empty in a System Preferences unlock screen.
This could be particularly thorny for enterprise environments where users might walk away from their machines, leaving them unattended, says John Bambenek, threat research manager for Fidelis Cybersecurity.
"Most times when people are outside corporate environments, they're either using their laptops or they're in their bag with them," he says. "In the corporate environment, you leave your stuff at your desk, insiders could easily start enabling local administrator accounts that then they could use to bypass local access controls on the endpoint."
According to Mike Buckbee, security engineer for Varonis, this flaw provides another reminder that physical access to a machine is still one of the biggest threats to that machine.
"If left for just a few moments in the wrong hands, your device could easily be compromised," he says.
Bambenek says that this flaw might also help enable laptop theft and that even though there's nothing found in the wild just yet, it could also potentially fuel phishing campaigns.
"It's possible to script and create a working exploit to put into a phishing email or a browser-based lure. I don't think anyone has fully operationalized this maliciously in the wild yet, but if that did start happening, cleanup becomes more important," he says. "People will click on dumb things and Mac users have an artificial sense of security."
Early reports indicate that the issue arose because the operating system doesn't handle a very specific error condition well; if that holds, Bambenek believes Apple will be able to get a patch out fairly quickly. In the interim, Apple has created a guide for users to work around the problem and mitigate the threat. Once the patch is applied, the trick will be figuring out which machines have had root accounts tampered with maliciously.
"Fixing the code seems pretty straightforward, but the cleanup part is hard," he says. "It's figuring out what to do with all the machines that may have these accounts created. You can't reset the passwords because somebody might legitimately have set the root password."