
macOS High Sierra: a bug allows you to create an administrator account without a password

29th November 2017

A macOS High Sierra bug can be exploited to create an administrator account without entering a password. The bug is triggered when you try to authenticate as an administrator on an unlocked Mac, but it can also be used to create an administrator account from the login screen (i.e. on a locked Mac).

Specifically, the bug was found in macOS High Sierra 10.13 and macOS High Sierra beta 10.13.2. We can confirm that we have personally verified the existence of the bug in macOS High Sierra 10.13 (stable version).

MacOS High Sierra

Apple has already released an official statement:

We are working on a software update that fixes the problem. Meanwhile, setting a root password prevents unauthorized access to your Mac. To enable the root user and set a password, see the instructions at this address. If a root user is already active, to ensure that an empty password has not been set, follow the instructions in the “Change root password” section.

On an unlocked Mac, to check whether the bug is present, simply follow these steps:

  • Open System Preferences
  • Select Users and Groups
  • Click the padlock icon to make changes
  • Type “root” in the Username field
  • Click the Password field and leave it blank
  • Click Unlock: you should now be able to add a new administrator account

On a locked Mac, if the guest account is active, the same bug can be exploited from the login screen by clicking “Other…”, entering “root” as the username and leaving the password blank. This is even more dangerous than the previous scenario, since the content of the Mac can be accessed without the owner ever unlocking it.

Pending the official fix, the risk can be contained by first deactivating the guest account through the following steps:

  • Open System Preferences
  • Select Users and Groups
  • Select Guest User
  • Clear the “Allow guests to log in to this computer” check box

The other thing to do is to set a root password in macOS High Sierra, as Apple suggests (see the statement above). The steps to give the root user a real password, so that the password field is no longer blank, are as follows:

  • Open System Preferences
  • Select Users and Groups
  • Select Login Options
  • Click “Join…” next to Network Account Server
  • Click “Open Directory Utility…”
  • Click the lock icon and enter your password to make changes
  • From the menu bar select Edit and then “Change Root Password…”
  • Enter a new password
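The two checks above are GUI steps, and the first of them (typing “root” with an empty password) is exactly the authentication attempt that the bug turns into an enabled root account. For an administrator who needs to audit a fleet without triggering that path, here is an added read-only shell audit that is not part of the original article and not Apple's code. It reports the same two settings the article's mitigations touch: whether the root account has an authentication authority set (the output of `dscl . -read /Users/root AuthenticationAuthority`) and whether guest login is on (the `GuestEnabled` key of `/Library/Preferences/com.apple.loginwindow`). The output strings it matches on (“No such key”, “;ShadowHash;”, “;DisabledUser;”, “does not exist”) are assumed from the observed formats of those commands; the sample outputs in the usage note are constructed.

```shell
#!/bin/sh
# Added example, not from the original article: a read-only audit of the root
# account state and the guest-login setting on macOS High Sierra.
# Assumption: dscl prints "No such key: AuthenticationAuthority" when root has
# never been enabled, and an "AuthenticationAuthority:" line containing
# ";ShadowHash;" once a password hash exists; ";DisabledUser;" marks an
# account that was explicitly disabled.

# classify_root_auth OUTPUT
# Classify the text printed by `dscl . -read /Users/root AuthenticationAuthority`
# as one of: disabled, enabled, unknown.
classify_root_auth() {
    case "$1" in
        *"No such key: AuthenticationAuthority"*) echo disabled ;;
        *"AuthenticationAuthority:"*";DisabledUser;"*) echo disabled ;;
        *"AuthenticationAuthority:"*";ShadowHash;"*) echo enabled ;;
        *) echo unknown ;;
    esac
}

# classify_guest OUTPUT
# Classify the text printed by
# `defaults read /Library/Preferences/com.apple.loginwindow GuestEnabled`
# as on, off or unknown. A missing key means guest login was never turned on.
classify_guest() {
    case "$1" in
        1) echo on ;;
        0) echo off ;;
        *"does not exist"*) echo off ;;
        *) echo unknown ;;
    esac
}

# audit_macos runs the real commands and prints advice matching the article.
# It never attempts an authentication as root, so it cannot trigger the bug.
audit_macos() {
    root_out=$(dscl . -read /Users/root AuthenticationAuthority 2>&1)
    guest_out=$(defaults read /Library/Preferences/com.apple.loginwindow GuestEnabled 2>&1)
    root_state=$(classify_root_auth "$root_out")
    guest_state=$(classify_guest "$guest_out")
    echo "root account: $root_state"
    echo "guest login:  $guest_state"
    if [ "$root_state" = disabled ]; then
        echo "  -> root has no password set; set one via Directory Utility (Edit > Change Root Password...)"
    fi
    if [ "$guest_state" = on ]; then
        echo "  -> guest login is on; clear 'Allow guests to log in to this computer' in Users and Groups"
    fi
}

# Only run the live audit on macOS; elsewhere the classifiers can still be
# sourced and exercised on captured output.
if [ "$(uname -s)" = Darwin ]; then
    audit_macos
fi
```

Run it as `sh audit_root.sh` on the Mac being checked; it needs no privileges because both commands are reads. Note that an “enabled” root account is not automatically safe: the hash output does not reveal whether the password is empty, which is why the article's final procedure (setting a real root password) still applies. Sample constructed outputs that the classifiers are meant to handle: `No such key: AuthenticationAuthority` (root never enabled, the state the bug abuses), `AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>` (a password hash exists), and for the guest key either `1`, `0` or a “does not exist” error.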

