macOS High Sierra security update patched a critical root user bug, it introduced a problem that prevents Mac users from authenticating or connecting to file shares on their Mac.
If trying to access an administrator's account:
Open System Preferences.
Select Users and Groups.
Click the lock in the corner.
In the login field, type "root" as the username.
Go to the Password field but leave it blank.
Click unlock.
At this point, you should have full access.
Video by Unbox therapy
As noted by Apple in its Support Document, users experiencing file sharing issues need to do the following:
1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
2. Type sudo /usr/libexec/configureLocalKDC and press Return.
3. Enter your administrator password and press Return.
4. Quit the Terminal app
MacOS High Sierra 'root' bug allows admin access without a password: how to fix it
Security Update 2017-001
Released November 29, 2017
Directory Utility
Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872
link
To confirm that your Mac has Security Update 2017-001:
Open the Terminal app, which is in the Utilities folder of your Applications folder.
Type what /usr/libexec/opendirectoryd and press Return.
If Security Update 2017-001 was installed successfully, you will see one of these project version numbers:
opendirectoryd-483.1.5 on macOS High Sierra 10.13
opendirectoryd-483.20.7 on macOS High Sierra 10.13.1
If you require the root user account on your Mac, you will need to re-enable the root user and change the root user's password after this update.
No comments:
Post a Comment