Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Is the tide turning for Mac security?

Is the tide turning for Mac security?

For the longest time, the generally accepted knowledge was that Apple’s Mac computers didn’t get malware or viruses. Apple even went so far as to mock its PC opposition in the famous “Mac vs PC” ads for the issues they had around security and malware, to a fairly solid effect. While Apple’s Macs do still trail Windows machines by a significant percentage, Apple’s overall desktop and laptop market share has grown in recent years, and with it, Apple’s profits.

Back then, if you dug a little deeper, it became apparent that one reason that Apple machines didn’t tend to get targeted by malware writers wasn’t entirely to do with robust security infrastructure, but more to do with that smaller market share. There simply were fewer Macs to target, so malware writers, who these days target ways to get money far more than mere mischief, were less inclined to do so.

In recent times, however, we’ve seen a larger number of malware attacks on the macOS platform, as well as a few security blunders from Apple itself. Just recently it emerged that Apple had left a gaping chasm of a security hole in the latest updated version of its macOS software, High Sierra.

Specifically, if you wanted to sign into any given High Sierra machine, all you had to do was enter your username as “root” and tap the enter key a couple of times. Hey presto, instant access to anything on that Mac, even if you were using more advanced features such as Apple’s encrypted Filevault software.

It’s not exactly clear how or why Apple left this rather large back door open, but if you’re curious as to why that username would even exist on your Mac, it’s because macOS itself is built on a UNIX base. UNIX uses what’s called a “superuser” account for dedicated administrative tasks, but it’s not recommended for everyday use.

That “root” account is the superuser account on macOS systems, and for most users, you’d never know it was there or indeed need to have use of it, because it’s able to do literally anything to the files on your system, including (potentially) leaving the whole system wide open for abuse or unable to be recovered.

If you are running macOS High Sierra, there’s a couple of solutions to hand. Apple rushed out a patch for High Sierra about 18 hours after the bug information went public, and most macOS users should find that this auto-applies to their systems.

However some users have reported that if they’re not running the very latest update to High Sierra itself, version 10.13.1, and they only apply the patch that then updating can re-open the hole, unless you reboot your Mac afterwards.

You should update as soon as feasible, because now that this bug is widely known, it’ll be exploited. Right now, it mostly relies on someone having physical access to your Mac, but it won’t be long before malware writers are figuring out ways to invoke it remotely.

Update to the latest version of High Sierra, and you should be prompted for the patch. Reboot after it’s deployed, and check if the root exploit is still present by trying to log in as the root user with no password.

If it’s still present, or for some other reason you’re not able to apply the patch, then what you should do is change the root password yourself. Apple outlines the process in this document under “change the root password”, which is as follows:

  1. Choose Apple menu > System Preferences, then click Users & Groups (or Accounts).
  2. Click lock icon, then enter an administrator name and password.
  3. Click Login Options.
  4. Click Join (or Edit).
  5. Click Open Directory Utility.
  6. Click lock icon in the Directory Utility window, then enter an administrator name and password.
  7. From the menu bar in Directory Utility, choose Edit > Change Root Password…
  8. Enter a root password when prompted.

Simply changing the root password to anything else, but preferably a strong password combination, will remove the problem of this particular flaw. It’s also a timely reminder that no matter what your computer platform is, it’s wise to keep abreast of the latest security issues and updates.

Share

Recent News

It’s tax time for many Australians, with some of us dreading debts while others plan for what they’ll do with a refund. Before you reach that stage, however, you’ve got to file your actual tax return, and this is where many of us can come unstuck. I’m not speaking here of the complexity of tax… More 

The ACCC is engaging in court action against South Korean technology giant Samsung. The ACCC alleges that Samsung has made false representation around its popular Galaxy smartphones. Specifically a feature of the higher end models, typically the Galaxy S and Galaxy Note phones that offer water resistance. The ACCC’s claims that Samsung’s advertising shows Galaxy… More 

The modern Internet runs on advertising, whether it’s those annoying pop-up or obscuring ads that get in the way of the content you really want to read, or pre-roll ads on video streaming sites. What’s less well understood by many everyday consumers is how all of these ads essentially play “together” to build a profile… More 

We’re nearing the end of the build phase of the National Broadband Network, which is due to be “completed” by 2020. I don’t want to touch on the politics of it to speak of. Many Australians are already on the NBN by now. If you’re not, you’re probably within the typical 18-month window for switchover… More