Critical Apple Security Flaw — 30 November 2017

On 29 November Apple announced that a critical security flaw to its High Sierra Mac operating system (versions 10.13 and 10.13.1).  This flaw allows anyone to log in as an administrator without specifying a password. Apple strongly urges that users apply Security Update 2017-001.  Apple also notes that after this update is applied, those who need administrative rights to their computers will have to re-enable root access and change the password.

The Guardian has reported that Security Update 2017-001 breaks file sharing, however.  Apple has a work-around for this issue involving the Terminal app.  Please note, that this work-around requires root (administrative) access to your computer.

Before applying the security update, check the version of your operating system.  Sierra 10.12.6 and earlier are unaffected by the security flaw.

Related Articles: