Despite what some believe, Apple devices don’t have bullet-proof security, and have been hacked in the past. That said, Apple’s team does tend to take security seriously, and makes better security decisions than some. That’s why the industry was so surprised by an unexpected local root vulnerability in the latest version of MacOS. In short, Apple’s MacOS update results in a blank “root” user password, meaning any unprivileged user with local access can gain complete control of your Mac. Watch the video for more detail, and be sure to change your root password.
Episode Runtime: 3:00
Direct YouTube Link: https://www.youtube.com/watch?v=XnlQT526bCI
EPISODE REFERENCES:
- Researchers find that MacOS High Sierra has a blank root password – Mac Rumors
- Apple support article on changing the root password – Apple
- Apple releases a security update to fix the flaw a day later – Apple
- A great new post on why the blank password issue cropped up – Objective See Blog
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply