Yes, you can log into macOS High Sierra’s root account with no password.
In this special “emergency” edition of the podcast cybersecurity veterans Graham Cluley and Carole Theriault discuss the breaking news of a serious Apple macOS bug that allows anyone to log into your Mac with root admin rights, without having to enter a password.
Show notes:
Please check out the show notes for this episode of the podcast on the Smashing Security webpage.
Smashing Security #54:
054: A great big fat macOS bug
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Definitely bad for Apple… but Carole said "All Mac users should update when the fix is out"… well, not me, I'm still on macOS Sierra (10.12.6) so not all macOS users are affected. Actually I have a root password anyway so I'll postpone the panic, acknowledge the chortling and move on.