ibusinesslines.com July 23, 2018

Apple rolls out fix for MacBook's security flaw

04 December 2017, 12:57 | Jodi Jackson

Apple rolls out fix for MacBook's security flaw

Apple rolls out fix for MacBook's security flaw

Apple released an update to its latest operating system for Mac computers and said it's changing development practices after a significant security flaw was disclosed Tuesday that allowed people to log in without a password, potentially making private user data vulnerable.

Apple's quick patch for the recently discovered "root" user bug can be undone by upgrading to macOS 10.13.1. Ergin said staff members reported the vulnerability to Apple on November 23, and he disclosed the flaw publicly in a tweet on Tuesday. "I can't think of anything worse that has been shipped by a major operating system in the past decade".

One small bright spot may be that the vulnerability requires local access and appears hard, though not impossible, to exploit remotely. This, in particular, provides access to the login screen in Mac blocked. "If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the "Change the root password" section".

"It's really serious, because everyone said 'hey, Apple made a very fast update to this problem, hooray, '" Innogy software engineer Volker Chartier in a statement to Wired.

In a Medium post today, Ergin today said his Twitter disclosure about the Mac bug was met with "many reactions like a blast". However, the bug is not fixed in that case until the user reboots the computer.

Developers can download the macOS Developer Beta Access Utility from the link below... It was discovered that it was possible to log into the "root" account without entering a password, and - although the company seemed to have been alerted to the issue a couple of weeks back - praise was heaped on Apple for pushing a fix out of the door quickly. "This is really REALLY bad".

Several experts have lambasted Apple for allowing the vulnerability in the first place.

Even if a Mac user reinstalls the security update after updating to macOS High Sierra 10.13.1 - and actually, Apple will automatically install it no matter what - users could still be at risk, according to Thomas Reed, a security researcher at MalwareBytes focused on Apple products. "Never mind one from a security and privacy-conscious company such as Apple", Steve Troughton-Smith, a Mac software developer, wrote on Twitter.

Other News

Trending Now

UFC 218 Results: Francis Ngannou Destroys Alistair Overeem Early
The heavyweight bout was the co-main event of today's UFC 218 event at the new Little Caesars Arena in downtown Detroit. The victory extends Ngannou's unbeaten streak to six straight fights in the UFC, and 10 in a row overall.

Penn State to play Washington in the Fiesta Bowl
Washington, making its first appearance in the storied bowl, is trying to finish an up-and-down 2017 campaign on a positive note. The Fiesta Bowl was the site of Penn State's 14-10 win over Miami in January 1987 for the Lions' second national championship.

Rickie Fowler conquers Bahamas to win Hero World Challenge
Jordan Spieth (72) and England's Justin Rose (71) were tied for second at nine-under 207, one stroke ahead of Italy's Francesco Molinari (71).

'Potential for war with N Korea rising every day'
After the missile was tested, Trump tweeted Wednesday that "additional major sanctions will be imposed on North Korea". Still, he said, Pyongyang's actions had made America's alliances with Japan and South Korea "stronger than ever".

OnePlus 5T Star Wars limited edition device launched
According to TechPP , the limited edition smartphone will be exclusive to India with the launch expected on December 16 in Mumbai. In addition to design changes, the OnePlus 5T Star Wars Limited Edition will also ship with themes, ringtones and effects.

Pardew content after making point against familiar foes Palace
The manager was dealt a blow when keeper Wayne Hennessey injured himself in the warm-up, which resulted in Julian Speroni taking his place back in goal.

1 dead after hit-and-run driver strikes several pedestrians in Queens
WABC reports the driver, who originally fled the scene, is now in custody and being questioned by police. Authorities say the people were at a hookah bar, and two people got into a fight and stabbed each other.