Huge security flaw reveals how you can easily break into any MacBook or iMac


MacBook and iMac users are being warned about a major new security flaw which lets anyone access their machines without a password.

The bug allows someone to gain administrator rights to a MacBook or iMac using a very simple hack.

All it takes for someone to access a device running MacOS is to enter the username “root” and an empty password when they are asked to login.

While this may not work at the first attempt, if you click the login button multiple times, you will eventually be granted access to the device – complete with administrator privileges, meaning you can change passwords or add and remove important system files and all other user data.

We tested out the flaw on an iMac running the latest Mac OS High Sierra and were able to access the device using the bug. Multiple other news outlets and security experts have also verified that the flaw works.

One of those people was Ed Snowden who described the flaw as “really bad”.

The bug was discovered by developer Lemi Egin who posted about it on Twitter, tagging Apple in the Tweet.

Some users have hit out at Mr Egin going public rather than informing Apple privately so they can fix the issue.

In a statement, Apple acknowledged the security flaw and said: “We are working on a software update to address this issue.”

Until Apple releases an update to fix the issue, the only way safeguard your device is to setup a root password.

System Preferences > Users & Groups > Login options > Join > Open Directory Utility

You then need to choose the lock icon and logging in.

Then select edit menu and Change Root Password.

You will then be asked to enter your old password, which is likely to be blank, so you can change it to something more secure.

The whole process is a little long winded.

In the meantime, keep a look out for Apple releasing an update and make sure you install it immediately.


Comments are closed.