ANYONE CAN HACK MACOS HIGH SIERRA JUST BY TYPING “ROOT”

ANDY GREENBERG 11.28.17 05:47 PM

https://www.wired.com/story/macos-high-sierra-hack-root/

THERE ARE HACKABLE security flaws in software. And then there are those that don’t even require hacking at all—just a knock on the door, and asking to be let in. Apple’s macOS High Sierra has the second kind.

Just tested the apple root login bug. You can log in as root even after the machi was rebooted pic.twitter.com/fTHZ7nkcUp

— Amit Serper (@0xAmit) November 28, 2017

malicious code running on the operating system could steal the contents of its keychain without a password.

Apple does have a bug bounty, but only for iOS, not MacOS.