Apple macOS High Sierra Security Vulnerability
A bug that allows anyone a blindingly easy method of breaking that operating system’s security protections. Anyone who hits a prompt in Apple macOS High Sierra asking for a username and password before logging into a machine with multiple users, can simply type “root” as a username, leave the password field blank, click “unlock”, and immediately gain full access.
Exploit for High Sierra root access:
Open “System Preferences” and Choose “Users & Groups” and click on the lock to make changes.
Here enter UserName “root” and press “unlock”.
It’s done you can change any user information without knowing their credentials.
Patch for High Sierra root access:
Open System Preferences and choose Users & Groups and click on the lock to make changes.
Here it will ask for your administrator name and password unlock it and hit on “Login Options”.
Now click on “Join” at the bottom of the window and click on the “Open Directory Utility”.
Here click on “Directory Utility”
Here at the top of the menu bar, choose “Edit” and click on ‘Enable Root User”.
Now set a new password in the root user.
This whole scenario will add a password to the “root” user so no one else can access it without knowing the password.