Archived Post

Apple releases Security Update 2017-001 to fix macOS High Sierra vulnerability

Apple has released Security Update 2017-001 to fix a vulnerability that enables access to the root superuser with a blank password on any Mac running macOS High Sierra version 10.3.1. 

Yesterday afternoon Lemi Orhan Ergin set off a firestorm on Twitter when he revealed a security issue in macOS High Sierra. Anyone can — or, rather could — login as “root” with no password required. It turns out that the issue in question works with any authentication dialog in High Sierra.

Dennis Sellers
the authorDennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.