Patch

Critical MacOS High Sierra 10.13 Vulnerability Allowing Root Logon Without Password

Updated

On November 28th, a researcher discovered that by going into a Mac's System Preferences and clicking on the Lock icon, it is possible to authenticate as root with a blank password. Researchers later identified that if certain services such as Remote Management or Remote Screen Sharing were previously enabled, an attacker could use this vulnerability to authenticate remotely to the computer and take complete control of the system. Early in the morning of November 29th, Apple released the patch for this vulnerability [1].

IT Security recommends patching this vulnerability as soon as reasonably possible. To determine whether your Mac is affected, check the version of your macOS [2], if it is any version 10.13 and build 17A365, 17A405, or 17B48, you should patch [3]. If you are unable to patch, contact us at Security@ucla.edu.
 
[1] https://support.apple.com/en-us/HT208315
[2] https://support.apple.com/en-us/HT201260
[3] https://support.apple.com/en-us/HT201541