Apple | Dec 4, 2017 | Master3395
Download Track Tracks.
Apple has fixed an error that made it possible to define root user on MacOS without even knowing the password - the error could be exploited by logging in with a guest account and even over the network with a remote-controlled connection.
Make at least two things to seal
Now, Apple has released security update 2017-001 for macOS High Sierra 10.13.1.The update does not apply to macOS Sierra 10.12.6 or earlier.
It may appear that the update also disables the root user, as well as closing the hole.
Keywords: apple, mac, update, fail, guest