A “devastating” flaw has been discovered in Apple’s macOS High Sierra operating system that allows anyone to log into your MacBook or iMac and gain administrator access without knowing the password.
Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple? — Lemi Orhan Ergin (@lemiorhan) November 28, 2017
Ergin then found that if you pressed “Enter” a number of times it would automatically log you in giving you completely unrestricted access to the machine as well as administrator privileges.
According to security experts the flaw only affects machines that are running the latest version of Apple’s operating system called High Sierra.
If you are running Sierra then this does not affect your machine and the advice is to almost certainly not update your MacBook or iMac until Apple issues an update.
Tyler Moffitt, Senior Threat Research Analyst at Webroot described the bug as “devastating” but was relieved to learn that, “as of right now, there is not any mention of malware that leverages this security flaw.”
For those looking for a temporary fix Moffitt has this advice:
According to the BBC Apple is working on an urgent update that patches the problem however there has been no estimate given as to when that will be.
HuffPost UK has reached out to Apple for further comment.
Apple unveiled its new operating system back in June as a minor cosmetic update but one that contained some pretty major changes to the way that Macs and MacBooks operate.
This included a new video language that would make files smaller yet still retain their original quality.
Other updates included graphics improvements and the ability for iMacs to start supporting virtual reality headsets like HTC’s Vive.