macOS High Sierra root password fix

UPDATE: Apple released a security update to solve this issue. Please have a look at https://support.apple.com/en-us/HT208315

A security vulnerability was discovered in macOS High Sierra on November 28th, where you could enable and log into the root account without providing a password. To address this issue until Apple releases an update to fix it, ZuluDesk created a Package that will do a couple of things to block logins to the root account:

  1. Install an app called "High Sierra Root Password Fix.app" in /Applications/Utilities
  2. Launch the app once, this app will do two things:
    1. Set the password to a random, 32 character long, string
    2. Set the root account's login shell to /usr/bin/false

Using ZuluDesk you can easily distribute this package to your macOS devices by following the steps below:

Create a Smart Group:

  • Go to Devices -> Groups and click on "Add Group".
  • Fill in a name, choose "Smart Group" as the type and click on the "Add" button
    smartgroup1.png
  • Enter the following rule:
    "Operating System" - "equals" - "macOS" - "10.13"
    smartgroup2.png
  • Click on "Save Scope"

 Distribute the package:

  • Download the "High Sierra Root Password Fix.pkg"
  • In ZuluDesk navigate to Apps, click on "Add App" and click on the "Add In-House macOS Package"
    step1.png

  • Select the "High Sierra Root Pasword Fix.pkg" file from your computer. 
  • Choose the Smart Group you've just created as the scope and click on "Save"
    step2.png
  • You're done! The package will be distributed to the macOS devices in scope and the fix described above will be applied. 
Have more questions? Submit a request

0 Comments

Article is closed for comments.