Apple releases security fix to operating system

Apple released an update to its latest operating system for Mac computers and said it's changing development practices after a significant security flaw was disclosed Tuesday that allowed people to log in without a password, potentially making private user data vulnerable.

The issue, discovered in the High Sierra operating system for laptops and desktops that was released in September, would let anyone enter the word 'root” when prompted for a username, and provide no password when logging on to the device.

That would permit unfettered access to the file system for a Mac, exposing private documents on that particular computer. One user reported the ability to also access the computer using the root login remotely.

The glitch is a rare and potentially embarrassing failure for Apple, whose software generally is known for being less prone to hacking and malware infections than Windows software from Microsoft.

The previous version of the operating system didn't appear to be affected by the bug.

'A password prompt that authenticates as root with an empty password would be a black eye for any OS, never mind one from a security and privacy-conscious company such as Apple,” Steve Troughton-Smith, a Mac software developer, wrote on Twitter.

Apple released a security update for the software on Wednesday. The fix is available for download in the App Store and later in the day will be automatically installed on all systems running the latest version - 10.13.1 - of High Sierra.