Dangerous Apple Mac glitch could come BACK when computer is updated, warns security expert

A DANGEROUS bug in macOS – the operating system that powers MacBook, iMac and Mac Pro machines – can return when users install the latest update, security experts have cautioned.

By Techenonik 

10:15, Tue, Dec 5, 2017 | UPDATED: 10:55, Tue, Dec 5, 2017

GETTY • APPLE

The dangerous root access bug returns when updating to High Sierra 10.13.1

Last month, Apple Mac users were warned about a serious flaw in the macOS operating system which enabled anyone to access the computer – without a password.

The dangerous software bug, which was first uncovered by Turkish developer Lemi Ergin, allows anyone to gain powerful administrator rights and access any data stored on the machine with a very simple hack.

Once entry at this administrator level has been granted, it allows anyone to delete crucial system files, change administrator passwords, and add or remove system accounts.

Mr Egin says he discovered the flaw by simply entering the username "root" and leaving the password blank in the system admin settings.

After a few attempts he gained full administrator access to the Mac.

EXPRESS NEWSPAPERS

The simple flaw allows access to high level security on the Mac

Apple was commended for its overnight patch for the critical bug. However, updates that are developed and pushed-out so quickly rarely ship without issues.

According to Thomas Reed, an Apple researcher at security firm MalwareBytes, some users could inadvertently undo the patch when upgrading their operating system.

That is bad, bad, bad

Thomas Reed, MalwareBytes

Those who were running macOS High Sierra 10.13.0 when the emergency patch was released by Apple will reverse the security update when they upgrade to High Sierra 10.13.1.

In an nutshell, Mac owners who were a little behind with their operating system updates will need to reinstall the security patch – or risk being susceptible to the dangerous flaw.

“I installed the update again from the App Store, and verified that I could still trigger the bug. That is bad, bad, bad,” Thomas Reed told Wired.

“Anyone who hasn’t yet updated to 10.13.1, they’re now in the pipeline headed straight for this issue.”

The simple steps YOU need to take to avoid being hacked in an online scam

Mon, April 10, 2017

MAKE sure you are protected against the latest online attacks by following these simple steps.

PLAY

• 
  EXPRESS NEWSPAPERS • GETTY

  1 of 13

  Ensure you're protected against online attacks by following these steps [EXPRESS NEWSPAPERS • GETTY]

Apple has yet to comment on this newfound issue.

However support documents about the patch confirm that a restart may be necessary.

"If you recently updated from macOS High Sierra 10.13 to 10.13.1, reboot your Mac to make sure the Security Update is applied properly," the document reads.

"Anyone rushing a patch like this could very easily make a mistake," Reed added. 

"But the big question going around now is, what is Apple’s quality assurance [team] for Mac doing? I don’t know what’s going on that these bugs could have slipped past."