Apple fixes High Sierra password bug and issues apology to all Mac users
Apple has issued a fix for a password bug which let people access locked computers just one day after a tech expert discovered the flaw.
A Turkish software developer called Lemi Orhan Ergin tweeted the tech giant yesterday to say he had discovered that anyone could log in to a computer running MacOS High Sierra without a password.
Now Apple has rushed out a new version of the software which powers Macbooks, iMacs and other computers that has solved the problem.
It also issued a frank apology and said it ‘stumbled’.
In a statement, Apple wrote: ‘Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
‘When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
‘We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.’
Lemi Orhan Ergin tweeted Apple yesterday to warn it about the problem, which anyone log into a locked computer by giving their username as ‘root’.
He wrote: ‘We noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as ‘root’ with empty password after clicking on login button several times. Are you aware of it @Apple?’
To find out more about Apple’s new update, you should visit its support page by clicking here.
If you’re running High Sierra, you should click on the little Apple icon located at the top left of your Mac’s menu bar and click ‘software update’.
The operating system was released in September and featured several enhancements to boost the speed and performance of Apple computers, as well as updates to software including the Photos app.
Tyler Moffitt, a senior threat research analyst at the tech firm Webroot, said: ‘This is a very surprising bug that evaded the quality control on MacOS High Sierra.