科技动态

Major Apple security flaw grants admin access on macOS High Sierra without password

微信扫一扫,分享到朋友圈

Major Apple security flaw grants admin access on macOS High Sierra without password
0

There seems to be a major flaw in Apple’s macOS High Sierra operating system that allows anyone to log into a machine and gain system administrator access without so much as entering a password. The vulnerability has been publicly disclosed on Twitter; it’s not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered. (The company maintains an invite-only bug bounty program
.) Despite its incredibly alarming simplicity, The Verge
is not reproducing the steps here.

However, The Verge
has been able to confirm the major security issue remains present as of MacOS 10.13.1, the current release of High Sierra. When the problem is exploited, the user is authenticated into a “System Administrator” account and is given full ability to view files and even reset or change passwords for pre-existing users on that machine. Apple ID email addresses tied to users on the Mac can be removed and altered, as well.

The level of unbridled access this security hole permits — and it abruptly being made public — will almost certainly prompt Apple to move fast in releasing an update for its Mac operating system.

阅读原文...


The Verge

The possibility of the Galaxy S9 featuring an embedded fingerprint scanner just got higher

上一篇

Apple Mac Software Has Login Flaw That Puts Data at Risk

下一篇

您也可能喜欢

评论已经被关闭。

插入图片
Major Apple security flaw grants admin access on macOS High Sierra without password

长按储存图像,分享给朋友