While the internet is rife with the news that the MacOS High Sierra has a major security vulnerability which could provide access to any random user without knowing the password, it has been found by experts that Apple has disclosed the issue in their forums weeks ago and no one just noticed it.
At present, it looks like Apple developers are scrambling to find a solution for this issue and rollout a security update before someone exploits the bug for their personal benefits. Everything seems fine so far from the company’s end but if they have managed to find it weeks ago, it remains a great mystery as to why the developers didn’t roll out a bug fix much earlier.
On November 13th, a random commenter found the issue and posted it on the Apple developer forum. The same vulnerability that has made the internet go mad over the Macintosh machines even though majority of users around the globe still rely on Windows operating system, when it’s Apple people are bound to feel more threatened than usual right? When the flaw was discovered, the team didn’t bat an eye and just skipped it for the time being.
But, it didn’t stop there because the MacOS High Sierra security issue was also reported once again on Twitter. Users are largely confused at the moment of how bad the flaw is because they have no idea what they should do because it is a software issue and a solution should be provided by the developers as it is tough to do anything on the user end except for physically safeguarding their devices.
If you simply leave your Mac open with the password already entered, any random user can access it and make themselves the root user. Once done, they have the freedom to login to the same device any time by skipping your password and directly gaining access to all the personal files you may have saved on your Mac. It might sound extremely scary for most because there is so much of business data and personal files to be lost especially when you don’t know who the root user is and it is impossible to block them access by changing the password as it wouldn’t stop them from gaining access to the same.
As stated earlier, the only way is to keep the device close to you at all times until Apple rolls out an official MacOS High Sierra update to fix the security flaw.