http://www.bbc.com/news/technology-42161823
Unbelievable bug has been discovered (though who knows for how long has it been exploited)
Unbelievable bug has been discovered (though who knows for how long has it been exploited)
Mac OS major security flaw : PSA
- Thread starter zed
- Start date
Some info from a Vulnerability Analyst at CERT/CC ...
The Apple High Sierra root issue is bad. If you have exposed "Screen Sharing", you can allow people into your machine with full GUI access, using no password. Setting the root password appears to prevent this from happening.
Apple "Remote Management" also has the same exposure. If "Control" is enabled, that gives full interactive remote root access to a system, without requiring a password.
The Apple High Sierra root issue is bad. If you have exposed "Screen Sharing", you can allow people into your machine with full GUI access, using no password. Setting the root password appears to prevent this from happening.
Apple "Remote Management" also has the same exposure. If "Control" is enabled, that gives full interactive remote root access to a system, without requiring a password.
iMacmatician
Regular
Apple has now released a security update to fix this problem.
Apple said:
This flaw was mentioned on Apple's Developer forums on November 13th 2017.
Last edited:
Audio device spun off to https://forum.beyond3d.com/threads/the-great-personal-audio-controversy-echo.60528/
