How to Watch King Charles’ Coronation in Canada: Start Time and More
King Charles's coronation is set to take place at London's Westminster Abbey on Saturday, May 6, and here's how you can watch it live in Canada.
How to Fix: macOS High Sierra Flaw Allows Admin Access Without Password
Turkish developer Lemi Orhan Ergin has uncovered a major security flaw in macOS High Sierra, which lets anyone get full admin access without a password. Ergin did not report this vulnerability to Apple first, but rather just tweeted it out after discovering it, which means everybody is at risk once word spreads.
We can confirm the bug is present in macOS 10.13.1 and for anyone with a Mac in a public office space, you are urged to fix this by yourself, immediately.
Essentially, the bug allows someone to either login to your Mac or unlock System Preferences by using the user name “root” and a blank password. We tested this bug on our Macbook Pro and yep—we were able to gain access to our machine after clicking “Unlock” after a couple of tries.
You can test this yourself:
1. Open System Preferences > Users & Groups > click the lock icon in the bottom left corner
2. Enter the user name ‘root’, click on the password field and leave it blank, then click ‘Unlock’. Try this 1-3 times and voila—It will accept and boom, full system access.
Here’s a video of the flaw in action:
?????? pic.twitter.com/4TBh5NetIS
— patrick wardle (@patrickwardle) November 28, 2017
What makes this flaw so dangerous is people are reporting it also allows for full keychain access and any login where a user name and password is required, even via remote access via OS X screenshare. If you want to protect yourself, physically keep your Mac on lockdown for now, until Apple releases a software update, which we expect will come out in the next 24-48 hours due to the severity of this bug.
The workaround right now according to the Twitterverse, is to set a root user password. Here’s how to do it on your Mac right now…
On your system, launch Finder and navigate to:
System > Library > CoreServices > Applications > Directory Utility
Click the lock in the bottom left corner to unlock, then go to Edit (in the menu on your Mac) and ‘Change Root Password’. You’ll be prompted to change the root password, so enter something you’ll remember and click OK:
Note that disabling the root user does not fix this, as you’ll still be able to bypass it. Changing the root password is the workaround for now.
Let us know how it goes for you, and stay tuned for Apple’s macOS update soon…
Update: An Apple spokesperson told MacRumors the following statement:
“We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”
[via The Register]
Other articles in the category: How To...
How to Use Special Effects in iMessages on iPhone, iPad [VIDEO]
You can make your Messages even more expressive with special effects, such as using bubble effects to change the way your message bubbles look.
How to Have Your iPhone, iPad Read Text to You [VIDEO]
You can not only have your iPhone speak selected text or the entire screen to you, but also have it provide feedback and speak corrections as you type.