macOS High Sierra Update Issue causes security risk

macOS High Sierra update causes security risk for users. Here’s what to do.

Apple mac for business

You may have seen that there’s a security issue with the latest macOS High Sierra update.

Essentially the bug means that anyone that gets hold of your Mac can gain full admin access to it by entering a blank password and no need for security verification.

Not good news.

This could obviously cause a real issue for Mac users and Apple are apparently working on a permanent fix.
“We are working on a software update to address this issue,” Apple said in a statement.

So what can you do?

Well, as an IT provider we are currently working with all of our Mac users with the High Sierra update, and implementing the temporary fix to reduce the risk. We are also advising anyone on the previous versions to implement the fix as a precautionary measure.

If you don’t have an IT provider who can handle this for you, here is the temporary fix you can work through to help protect your data.

1. Open System Preferences
2. Choose Users and Groups
3. Click on the lock to make changes

4. Enter your administrator name and password
5. Click on ‘Login Options’

6. Choose ‘Join’ at the bottom of the window

7. Select ‘Open Directory Utility’

8. Click on the lock to make changes and enter your username and password.
9. At the top of the menu bar, choose ‘Edit’.

10. Select ’Enable Root User’.

11. From there, you can enter a password for the root user account, which prevents it from being accessed with a blank password.

The current advice is to also to disable guest accounts which you can do by disabling ‘Allow guests to log into this computer’

So although this isn’t great news for Mac users, there is a temporary fix to keep your data safe and we look forward to hearing from Apple that a longer term solution is in place.

Further reading

Share this:

Leave a Reply

CCS IT Solutions Think IT. Solve IT. Build IT


CCS IT Solutions, Gemini House
Linford Wood, Milton Keynes, MK14 6LS
United Kingdom
Phone: 0333 344 6336

Stay Connected