It seems Apple cannot catch a break. iOS has had its fair share of bugs but a new bug in macOS High Sierra has just been discovered that allows anyone to gain access to the root user without needing the password for the current user account. It doesn’t matter if the account is the administrator account or not. This exploit gives complete system access and allows the would-be attacker to create and use the root account. The good news is it’s pretty easy to fix the macOS High Sierra root login bug.
Update: Apple has released a patch. Check for an update for High Sierra and install it right away.
High Sierra Root Login Bug
When you make changes in System Preferences, you have to sometimes provide admin access or at the very least enter the password for your current user. What this bug does is, when you go to the Users & Groups preference where you can create and modify users, it lets you unlock the root user. You don’t have to enter your password in order to make changes. If instead you enter ‘root’ in the username and leave the password field empty, it will be accepted. You will then be able to make changes to the user and just about everything else on the system. Additionally, it will add the ‘root’ user to the accounts screen where you can again log in to it without a password.
The fix is pretty simple; enable the root user yourself and add a password to it. It’s basically you getting to the root user before anyone else is able to use it to exploit your system.
Open System Preference and go to Users & Groups. Click the lock icon at the bottom left and enter your password when prompted. Next, click the ‘Login Options’ at the very bottom of the left panel. Click ‘Join’ next to Network Account Server.
A new panel will open asking for the server address. Click the Open Directory Utility button.
Again, click the lock icon and enter your password when prompted. After that, go to Edit>Enable Root User.
Enter a password for the root user and you’ll have complete control over it.
Once you enable the root user and set a password for it, you become immune to the macOS High Sierra Root login bug. The fix is as simple as the exploit but Apple needs to patch this asap. This bug can be exploited by anyone who gains access to your unlocked system, or by someone who is logged in remotely.