Apple rushes to resolve ‘huge’ password glitch on its new operating system

[driftdiver]

https://www.cnbc.com/2017/11/29/apple-rushes-to-resolve-huge-password-glitch-on-macos-high-sierra.html

Apple is scrambling to fix a serious glitch within its latest Mac operating system.

A major flaw in the way the MacOS High Sierra operates means that anyone can gain entry to a computer without the use of a password, obtaining access to powerful administrator rights in the process.

Warnings about the bug were shared by computing experts such as Edward Snowden, who described Apple's operating system as "really bad" on Tuesday.

In a statement released Wednesday, Apple said: "We are working on a software update to address this issue."

The bug was first made public by Turkish developer Lemi Ergin. He discovered that by entering the username "root" and leaving the password field blank, he would eventually be able to gain unrestricted access after repeated presses of the log-in button.

[Oceander]

Geez.  That’s pretty damned bad. 

[roamer_1]

Geez.  That’s pretty damned bad.

Yeah, but win ain't no better. If I'm hands-on, i am about 5 minutes from admin control and a cmd box with system privileges... 

Nix too - unless the box was set up old-skool with a strict demarcation between root and user and sudo disabled.

[Fishrrman]

This is with the latest version of the OS, 10.13 "High Sierra".

Earlier versions are NOT affected.

I have HS installed on an old external drive for test purposes only.
No rush to get "the fix" installed.