Apple Security Hole Allows Mac Logins Without a Password
A serious security flaw has been discovered in the latest MacOS (High Sierra), allowing anybody to gain administration access to an Mac computer without the user's password.
Apple said it released a patch to fix the bug on Wednesday morning and it would be automatically installed on vulnerable machines later in the day. The company has published a guide on how to fix it.
The glitch was discovered by Turkish developer Lemi Orhan, who revealed that the Mac log-in screen can be cracked simply by entering the word "root" as a username and hitting enter twice, without having to enter a password. The "root" account is a privileged user with more access to areas of the system and should have been disabled by default.