Root Security Flaw Allows Anyone To Become Root In Mac OS High Sierra

I can confirm the new root security flaw affects Apple’s MacBook Pro 2016 model because I’m using one at the moment.  I can also confirm the same flaw works on my older MacBook Pro (Mid 2010 model).  Basically, as other people have mentioned, this flaw works regardless of which MacBook model you’re using, as long as you have upgraded your machine to Mac OS High Sierra.  As of now, the flaw also affects the latest version of Mac OS High Sierra (10.13.1).  How does the flaw work?  Read on…

I assume this flaw would still work even if you have turned on FileVault.  Basically, as long as your Mac allows anybody to enter the username root at the login screen or any login prompt (except in the terminal), he/she could just hit enter once or twice without entering any password and the root login would be successful.  If you’re new to Mac and Linux, let’s just say that root is the super account that can do just about anything on Mac and Linux machines.  Root can change all users’ passwords.  In fact, root can even erase the machine’s entire storage and destroy the whole operating system with just one command, which is [rm -rf /].

I tested the flaw out as I’d seen on YouTube, and it worked marvelously.  Basically, I was already logged into the machine, and so I went to System Preferences > Users & Groups > clicked the lock icon at the bottom left > entered root at the username prompt > hit the enter key twice and became root right after.  From here I could change any user’s password or delete any user and group.  In fact, any login prompt would allow me to become root and use the super account’s available features.

To fix this problem, as seen on YouTube, I opened up the terminal > typed in the command [sudo su] > entered the root password (hitting the enter key without a password won’t work in the terminal) > typed in the command [passwd] > entered the same root password or a new one (it doesn’t matter as long as you type in a password you can remember) > exited the terminal entirely by typing [exit] a couple of times > shut down the terminal by quitting it from the dock.  After this, I tried the root flaw and it wouldn’t work in the graphical user interface, such as in System Preferences.  Thus, I think the fix is real.
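To check whether the fix above has been applied on a machine, here is an audit helper added as an example; it is not part of the original post. It assumes that a root record with no AuthenticationAuthority key (as read by dscl) means no root password has been set; the function names and verdict words are made up for this example.

```sh
#!/bin/sh
# Added example: audit helper for the root-login issue described in this post.
# Assumption: if dscl reports no AuthenticationAuthority key for /Users/root,
# no root password has been set, so the post's fix has not been applied.

# is_high_sierra VERSION -> success if VERSION is 10.13 or 10.13.x.
# The post names 10.13.1 as the latest affected release at time of writing;
# it does not say anything about later 10.13 releases.
is_high_sierra() {
    case "$1" in
        10.13|10.13.*) return 0 ;;
        *) return 1 ;;
    esac
}

# root_has_credentials DSCL_OUTPUT -> success if the output carries an
# AuthenticationAuthority value for the root record.
root_has_credentials() {
    printf '%s\n' "$1" | grep -q '^AuthenticationAuthority:'
}

# assess VERSION DSCL_OUTPUT -> prints one verdict word.
# "root-password-set" only means a credential exists; it cannot tell
# whether that password is blank.
assess() {
    if ! is_high_sierra "$1"; then
        echo "not-high-sierra"
    elif root_has_credentials "$2"; then
        echo "root-password-set"
    else
        echo "root-password-missing"
    fi
}

# On a Mac, use live data; elsewhere, run constructed sample inputs.
if command -v sw_vers >/dev/null 2>&1 && command -v dscl >/dev/null 2>&1; then
    assess "$(sw_vers -productVersion)" \
           "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)"
else
    # Constructed samples, not captured from a real machine.
    assess "10.13.1" "No such key: AuthenticationAuthority"
    assess "10.13.1" "AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>"
    assess "10.12.6" "No such key: AuthenticationAuthority"
fi
```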

Here is one secret I’ll let you guys in on.  Actually, this flaw isn’t a flaw.  Apple has always been easygoing about allowing people to physically reset a user password.  In fact, you have been able to reset the root password of your Mac for as long as the Mac has been in existence, because in the video right after the break I talked about how to reset an administrator password in Mac OS X Lion without remembering the root password or using a recovery disk.  By the way, Mac OS X Lion is from way back.  I think Mac OS X Lion was released in 2011.

Since 2011-2012, I haven’t tested the trick I talked about in the video, and so I’m very rusty now.  I’m not even sure the trick would work exactly the same way as I walked you through in the video on newer machines and newer Mac OS iterations.  Regardless, I think even now there should be some similar tricks for resetting an administrator/root password on any Mac OS as long as you have physical access to the machine.  Maybe FileVault would be able to stop the trick I showed you in the video from working, but I’m not sure if this is even the case since I haven’t tested this trick with FileVault running.  So, I think the best security is still all about keeping your machine in a locked cage when you’re not around it.  Keeping a physical machine away from unwanted intruders/hackers would be the best way to stop easy hacks.  Regardless, sometimes remote hacks could also be as easy as the root flaw I mentioned in this post.

Latest Mac Flashback Trojan Threatens Mac Users With Java Enabled

Mac?! (Photo credit: Kramchang)

It’s being reported that the newest version of the Mac Flashback Trojan can now exploit the Java engine in Mac OS X, all versions of Mac OS X I guess.  It bypasses the administrator privilege protection, and so it can install itself onto any Mac machine with Java enabled without needing an administrator password.  As of now, Apple has yet to release a security fix to counteract the Mac Flashback Trojan’s Java exploit, therefore I think it’s best for you to disable the Java plugin in your browsers!

Should you disable Java on Mac altogether?  Yes, but unfortunately Java is so interconnected with Mac OS X (all versions) that I do not yet know how to disable Java on Mac.  If you know, please write a comment or two and share your knowledge with my blog’s readers.  Anyhow, the quick and easy fix for now is not to use Java in any browser that you use on Mac.

Without further ado, I’m now going into how to disable Java in the most popular browsers that you can use on Mac.  These browsers are Safari, Firefox, Chrome, and Opera!  So check the instructions below…

  • Safari – to disable Java, go to Safari > Preferences > Security and uncheck the box that says Enable Java.
  • Firefox – to disable Java, go to Tools > Add-ons > Plugins and disable the Java Applet Plug-in plugin.
  • Chrome – to disable Java, type about:plugins in the browser address bar and disable the Java plugin.
  • Opera – to disable Java, go to Tools > Advanced > Plug-Ins and disable the Java Applet Plug-in.

Please don’t confuse Java with JavaScript!  These two are different from each other!  Nonetheless, let me digress a little.  JavaScript can also be dangerous sometimes, therefore you can disable JavaScript by using popular extensions that are available for certain popular browsers!  In Firefox, you can use the NoScript extension.  In Chrome, you can try out the ScriptNo extension.  I don’t know of any extension that can disable JavaScript for Safari and Opera.