Having advised users to set a root password to prevent unauthorised access to Mac computers, the company then pushed out a software update for macOS High Sierra fixing the security flaw on Wednesday afternoon. pic.twitter.com/m11qrEvECsThe bug did not affect previous versions of macOS, including Sierra, El Capitan or older. It can reportedly be exploited on an unlocked Mac, bypassing security settings and allowing things such as File Vault encryption and the firewall to be turned off. “By testing this vulnerability on your own computer, you’ll end up creating (or modifying) a persistent root user account on your system. “Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS,” Apple said.

Source: The Guardian November 29, 2017 10:28 UTC