Skip to main content
Customer Support Customer Support

MacOS High Sierra - Massive Software Flaw

  • November 29, 2017
  • 4 replies
  • 37 views
F
Forum|alt.badge.img+48
Posted earlier by community member, @, this vulnerability effectively allows someone with physical access to your machine, to log in. 
 
We spoke with @, our Senior threat research analyst, who had this to say on Twitter
 
1/2 “This is a very surprising bug that evaded the quality control on Mac OS High Sierra. Apparently, it also works on FileVault in the Mac OS, which makes this bug quite problematic.” – @TylerM_Webroot, Sr. threat research analyst. https://t.co/q1ZIVoPCia
— Webroot (@Webroot) November 28, 2017
2/2 “We expect @Apple to release a fix for this vulnerability. In the meantime, any payloads that are found to use this exploit will certainly be added to our threat database to be blocked.” – @TylerM_Webroot, Sr. threat research analyst.
— Webroot (@Webroot) November 28, 2017
It seems that Apple was able to publish a user guide explaining how to defeat the exploit for now. 
    ProTruckDriver
    RetiredTripleHelix
    Jasper_The_Rasper

    4 replies

    10d
    Popular Voice
    Forum|alt.badge.img+19
    • 10d
    • Popular Voice
    • November 30, 2017
    Fix released as macOS 10.13.1 :
    https://arstechnica.com/gadgets/2017/11/new-security-update-fixes-macos-root-bug/
    --
    F
    Forum|alt.badge.img+48
    • freydrew
    • Author
    • Retired Webrooter
    • November 30, 2017
    Thanks for sharing this with everyone @ 
    Ssherjj
    F
    Forum|alt.badge.img+48
    • freydrew
    • Author
    • Retired Webrooter
    • December 4, 2017
    As @ pointed out yesterday here, the recent Apple bug 'fix' now has a bug of its own. 
    Jasper_The_Rasper
    Ssherjj
    J
    10d
    Popular Voice
    Forum|alt.badge.img+19
    • 10d
    • Popular Voice
    • December 5, 2017
    requires you to reboot as per:
    https://support.apple.com/en-us/HT208315
    --
    Terms & ConditionsAccessibility statement