If you’ve updated your Mac to the latest macOS High Sierra, you may have noticed a rudimentary security bug. This bug lets anyone log in to your computer using the username ‘root’ with no password. In this post, we’ll let you know regarding how to fix macOS root security bug.
The bug has raised security concerns among Mac users. Anyone who wants to adjust settings on your device just needs to enter ‘root’ as user name – no password, nothing else is required. In this way, any unauthorized user can gain all the administrator rights and change your password, customize settings for downloading applications, access keychain data, among others. Although it may not work the first time, attempting it several time will unlock the padlock, giving hackers access to your machine.
However, a hijacker is unable to use root and no password at Mac’s user login screen that appears at startup. The macOS bug only works once you’re logged in to your Mac.
Enough talk, let’s get to know how to quickly fix the root issue on macOS and stop hackers to access your Mac. Allow us to walk you through the process.
Fix macOS Root Security Bug
Apple has promptly released a security update to patch this security vulnerability. Simply open the Mac App Store and click on the Updates tab to install Security Update 2017-001. The update has addressed the root bug issue that lets a hacker bypass administrator authentication without providing the password. Apple also notes that in case you’ve recently updated from macOS High Sierra 10.13 to 10.13.1, it’s recommended to reboot your Mac to make sure the Security Update is applied properly.
Want to confirm if your Mac has Security Update 2017-001? Follow the steps outlined below:
- Launch the Terminal app navigating to the Applications > Utilities folder
- Type what /usr/libexec/opendirectoryd and press the Return key
- In case the Security Update 2017-001 was installed successfully, you’ll see one of the following project version numbers:
- opendirectoryd-483.1.5 on macOS High Sierra 10.13
- opendirectoryd-483.20.7 on macOS High Sierra 10.13.1
In this way, you can easily fix macOS root security bug by installing the latest update on your device.
Read more at 25 Best Mac Apps You Should Know
In case you’re unable or unwilling to install the latest security update, follow the steps given below to fix macOS root security bug:
- Launch the Finder
- Click on the Go > Go to Folder option
- Type /System/Library/CoreServices/Applications/ in the given text box
- Click on the Go button
- Press the Command + Space key combination to open Spotlight
- Search for the Directory Utility Once found, launch it
- A pop-up window will appear. Enter your name and password
- Click on the Modify Configuration option
- Click on the Edit button
- Select the Change Root Password option. Once done, click on the Ok button to continue
- Afterward, click on the lock again to lock it so no more changes can be made
- Close Directory Utility
From now onwards, if anyone tries to log in as root, he/she will need to enter a password.
You may also like: How to Find the Best in Mac Apps