Apple voices 'deep regret' over Mac security breach

Technology giant Apple has expressed "great regret" over a security glitch which threatened Mac customers' details.

A "huge" flaw in High Sierra - the latest Microsoft operating system - made it possible for anyone using an Apple computer to access an admin account without even entering a password, if the computer has first been free to access while unlocked.

Apple issued instructions through its support website to help protect customers from any potential hacks, before releasing a software update to deal with the problem.

An Apple spokesman said: "Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

"We greatly regret this error and we apologise to all Mac users, both for releasing with this vulnerability and for the concern it has caused.

"Our customers deserve better. We are auditing our development processes to help prevent this from happening again."

Customers were earlier advised to create a password for the computer's "superuser" account, which is used for system administration and on Macs is known as "root" and would prevent unauthorised access to a customer's Mac.

The bug was first reported by Turkish software developer Lemi Orhan Ergin, who contacted Apple on Twitter to inform it of the "unbelievable" find.

Videos posted online show people using the hack at the login screen, leaving the password field empty, and appearing to get unrestricted access to the machine.

One Twitter user called Mike Hanley said: "This is not the password-less future we all had in mind."

Despite the ease of the hack, Open University's Professor Blaine Price urged people not to be too worried. He said: "This flaw is one of the most serious I have seen, mainly because it requires no technical skill, but the risks for ordinary people are probably a bit less than people are making it out to be.

"The number of people who can exploit this attack is limited to those who can walk up to your computer. The vulnerabilities you need to really worry about are those that can be exploited by anyone on the planet (those that leave your computer vulnerable to attack from anywhere on the internet) and this doesn't appear to be that kind."

More in this Section

British Airways reveals new business class design

Developing a gin-and-tonic without alcohol

Weighing the best options for a €100,000 windfall

Markets calm as no deal was never on


Lifestyle

Ask a counsellor: ‘My stepson is very upset and angry – how can I get my husband to acknowledge it?’

Forget Brexit: Six holiday ideas in the UK that will keep your mind off politics

All set for summer with a ray of festivals and gigs to chose from

A growing awareness to grow, cook and eat

More From The Irish Examiner