Fix: macOS High Sierra root bug - change root password - How to

Fix macOS High Sierra root bug by changing root password

There is major security flaw discovered in macOS High Sierra that allows macOS High Sierra root access without any password requirement. This macOS High Sierra root bug potentially leaves your personal and business data at risk. Here we are going to talk about this security bug in greater details and will also walk you through step-by-step instruction to fix macOS high sierra root vulnerability.

fix high sierra root bug

The security bug in the latest version of Apple’s desktop operating system was first discovered by a developer named Lemi Orhan Ergin. He publicly contacted Apple about his discovery. The vulnerability would allow anyone with physical access to your Mac running macOS High Sierra to tinker with your personal data without requiring an admin username and password.

In case you are not familiar with the term “root,” it basically is an admin user with maximum access to a device. In macOS, root user/account is disabled by default. However, due to the bug in the operating system, the root user is enabled by default and allows anyone to access your Macbook or iMac running High Sierra without a password.

Apple has acknowledged that the security bug does exist and the company is actively working on pushing a fix to the general public. What should a general user do until Apple releases a fix through an update? Fret not, enable root password and set your desired password to prevent someone from unauthorized access to your Mac.

Note: Theis security vulnerability only affects macOS High Sierra devices. Any High Sierra user who has not disabled guest account access or did not change the root password (likely majority) are currently open to the security bug.
If your Mac is running macOS High Sierra then follow the step-by-step instruction below to fix the root bug of macOS High Sierra.

Until Apple releases macOS High Sierra Security update, there are two steps that a Mac user can take to mitigate the situations; disable the guest account: this will it more difficult for an attacker to get inside access and make changes to the Settings. However, this does not get rid of the current root bug that does not depend on a guest account access. Even the users who use a username and password to login to their Mac are vulnerable to this bug.

The second step that stops the security bug altogether is to change system’s root password. Please note that you will have to change root password once again after the Apple releases a fix for it.

How to change root password to fix macOS High Sierra root bug

If you have not enabled the root user (in most cases) then you will have to enable it first and then change the root password. Doing so will fix the root bug found inside the macOS High Sierra. Follow these steps:

  1. Click on the Apple logo at the top-left corner of the screen and choose System Preferences from the menu.
    macos high sierra root bug preferences
  2. Click on Users & Groups from the System Preferences.
    macos high sierra root bug users
  3. To make changes, you need to click the Lock icon at the bottom left of the Users & Groups window.
  4. You need to enter administrator username and password and click Unlock button.
    macos high sierra root security unlock
  5. Click on the Login Options at the bottom left side of the window.
  6. Now click the Join button.
  7. Click the Open Directory Utility… button.
    change macos high sierra root password
  8. Click on the Lock (at bottom-left of the window) to make changes.
  9. Input your admin username and password followed by a click on the Modify Configuration button.
    change macos high sierra root security
  10. Now click Edit from the Menu bar at the top of the screen and choose Enable Root User (if you’ve not already enabled it). If the root user is already enabled, click Change Root Password… from the menu.
    change high sierra root password
  11. Input a password for macOS root user and click OK.
    macos high sierra root user
  12. Click on the unlock icon to Lock it to prevent further changes.
  13. fix macos high sierra root bug

That’s it! You are now protected from the recent macOS High Sierra bug until Apple releases an official fix for the root bug.

0 comments… add one

Leave a Comment