It has been revealed that a dangerous flaw has been discovered within Apple MacOS Sierra, which makes it possible for anyone to gain entry to the machine without a password and access administrator rights. Tim Erlin, VP of Product Management and Strategy at Tripwire commented below.
Tim Erlin, VP of Product Management and Strategy at Tripwire:
“Failing to follow responsible disclosure guidelines puts everyone at greater risk. Public disclosure like this, especially with a major vulnerability, ensures the widest possible distribution of the information among malicious attackers, and instills a sense of urgency to attack before a patch is available.
This is absolutely a ‘drop everything and fix it’ moment for Apple. This vulnerability requires no skill to exploit and provides complete access to the affected systems.
Organizations should step up monitoring of their Mac systems for root login activity as a mitigating control while they apply the recommended workaround.”