Macs running High Sierra, the most popular version of Apple's operating system, have been left exposed. A security flaw allows anyone to access all files and log in to the computer as an administrator. This security problem is already considered the most significant in Apple's history, an error on the same scale as the fiasco of its first version of Maps.
The flaw, discovered by Lemi Orhan, a Turkish developer and creator of Software Craftsman, puts Apple in a difficult situation, both because of the number of machines affected and because of how easy the error is to take advantage of. It allows anyone to log in as the root user, as the administrator account is called in the jargon. After a couple of failed attempts, the machine grants entry without the correct password having been entered. Once inside, you can create more users with a lower profile, remove others or delete all the content.
Apple released a patch on Wednesday morning, California time, to solve the problem and has recommended that users perform the following operation to try to minimize its impact. The update will be automatic in all cases, but it can also be installed manually through the App Store.
The company has issued a statement acknowledging the situation: “Security is a priority for all Apple products, and unfortunately there has been a stumble with this version of macOS.” They say they have been as fast as they could: “When our security engineers became aware of the problem on Tuesday afternoon, we started working immediately on an update to close the security hole. The update is available for download from this morning at 8 am (Pacific Coast time) and, as of today, it will automatically be installed on all systems running the latest version (10.13.1) of macOS High Sierra.”
Apple acknowledges that the flaw was extremely simple to exploit: “We regret this error and apologize to all Mac users, both for launching the software with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to prevent this from happening again.”
The researcher disclosed the flaw on Twitter, although many experts believe it would have been advisable to do so in private, contacting the company's experts so as to avoid affecting third parties or having the flaw exploited irresponsibly. Throughout its history Apple has been reluctant to run reward programs, which are common in the sector. At the Black Hat conference in the summer of 2016 the company changed course, offering generous compensation to all those who report and document errors in all its systems.
Steve Jobs once said that computers would be like tractors: they would be used only by those who needed them for a specific task, and they would be tools. That day is close: iPhone, Apple Watch and iPad are the stars of Apple's catalog, but the relevant documents, work mail, designs and plans are still made and stored on computers.