Mac OSX High Sierra Root Vulnerability Fix

Kaseya Automation Team
Kaseya Automation Team Member, Kaseya Certified CHOCOLATE MILK
edited January 2022 in Solutions

Product Name: Mac OSX High Sierra Root Vulnerability Fix

Description: This set of agent procedures allows you to either disable the Root account on your endpoints, or enable the Root account and change its password.
It contains 2 different procedures:
The first one directly disables the Root account, which has been recommended as the safest option if you are not using it and have an Admin account set up on the Mac.
The second procedure enables the account and sets a password. If the account is already enabled, it will only change its password.
Both procedures prompt for variables when they are scheduled. They need an Admin username and Admin password in order to have the correct permissions to interact with the Root user. The procedure that enables the account also prompts for the Root password to set.

Here is an Apple article on how to perform the same changes manually: https://support.apple.com/en-us/HT204012

After internal testing, it is recommended to change the password first, as this prevents the use of the "root" account without a password. To this day, on High Sierra, a disabled "root" account is not able to log in to the endpoint but is able to change settings in "System Preferences".

Instructions:

Upload the procedure with the Import Folder/Procedure tool in the Agent Procedures module under Schedule / Create.