Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Is the tide turning for Mac security?

Is the tide turning for Mac security?

Apple-Apple

For the longest time, the generally accepted knowledge was that Apple’s Mac computers didn’t get malware or viruses. Apple even went so far as to mock its PC opposition in the famous “Mac vs PC” ads for the issues they had around security and malware, to a fairly solid effect. While Apple’s Macs do still trail Windows machines by a significant percentage, Apple’s overall desktop and laptop market share has grown in recent years, and with it, Apple’s profits.

Back then, if you dug a little deeper, it became apparent that one reason that Apple machines didn’t tend to get targeted by malware writers wasn’t entirely to do with robust security infrastructure, but more to do with that smaller market share. There simply were fewer Macs to target, so malware writers, who these days target ways to get money far more than mere mischief, were less inclined to do so.

In recent times, however, we’ve seen a larger number of malware attacks on the macOS platform, as well as a few security blunders from Apple itself. Just recently it emerged that Apple had left a gaping chasm of a security hole in the latest updated version of its macOS software, High Sierra.

Specifically, if you wanted to sign into any given High Sierra machine, all you had to do was enter your username as “root” and tap the enter key a couple of times. Hey presto, instant access to anything on that Mac, even if you were using more advanced features such as Apple’s encrypted Filevault software.

It’s not exactly clear how or why Apple left this rather large back door open, but if you’re curious as to why that username would even exist on your Mac, it’s because macOS itself is built on a UNIX base. UNIX uses what’s called a “superuser” account for dedicated administrative tasks, but it’s not recommended for everyday use.

That “root” account is the superuser account on macOS systems, and for most users, you’d never know it was there or indeed need to have use of it, because it’s able to do literally anything to the files on your system, including (potentially) leaving the whole system wide open for abuse or unable to be recovered.

If you are running macOS High Sierra, there’s a couple of solutions to hand. Apple rushed out a patch for High Sierra about 18 hours after the bug information went public, and most macOS users should find that this auto-applies to their systems.

However some users have reported that if they’re not running the very latest update to High Sierra itself, version 10.13.1, and they only apply the patch that then updating can re-open the hole, unless you reboot your Mac afterwards.

You should update as soon as feasible, because now that this bug is widely known, it’ll be exploited. Right now, it mostly relies on someone having physical access to your Mac, but it won’t be long before malware writers are figuring out ways to invoke it remotely.

Update to the latest version of High Sierra, and you should be prompted for the patch. Reboot after it’s deployed, and check if the root exploit is still present by trying to log in as the root user with no password.

If it’s still present, or for some other reason you’re not able to apply the patch, then what you should do is change the root password yourself. Apple outlines the process in this document under “change the root password”, which is as follows:

  1. Choose Apple menu > System Preferences, then click Users & Groups (or Accounts).
  2. Click lock icon, then enter an administrator name and password.
  3. Click Login Options.
  4. Click Join (or Edit).
  5. Click Open Directory Utility.
  6. Click lock icon in the Directory Utility window, then enter an administrator name and password.
  7. From the menu bar in Directory Utility, choose Edit > Change Root Password…
  8. Enter a root password when prompted.

Simply changing the root password to anything else, but preferably a strong password combination, will remove the problem of this particular flaw. It’s also a timely reminder that no matter what your computer platform is, it’s wise to keep abreast of the latest security issues and updates.

FacebookTwitterGoogle+Share

Recent News

ytm

In the world of online music streaming, there are a number of big-name players. Spotify is the best known, and Apple has its own play in Apple Music. Users of Google’s Android operating systems are probably more familiar with Google Play Music. Google’s approach to Google Play Music has always been an odd one from… More 

parentalcontrols

If you’ve got kids, you may well be concerned that they’re far more tech-savvy than you are. Having grown up with technology as an absolutely expected part of their lives, and with so much IT integrated into school curriculums through their education, it’s pretty easy to feel as though they’re well ahead of you. That… More 

win10update

If you’re using a Windows 10 PC, you’ve probably been alerted to the existence of what Microsoft’s calling the “April 2018 Update” to your operating system. This isn’t some kind of April fool’s joke, or for that matter an update only applicable to women called April, but instead the latest larger-scale update to Windows 10… More 

netflixlogo

The massive rise in popularity of streaming services, especially video streaming services such as Netflix, in recent years has had some astounding effects on the online world. There’s now such a thing as “peak” internet usage time, typically around 7pm-11pm each evening, simply because so many people are using that evening time to binge-watch their… More