Mac sierra update bug
Update: As Wired reported, the bug in some cases proved hard to kill. If you were running High Sierra 10.13.0, received the automatic update fixing the “root” issue, and subsequently downloaded and installed version 10.13.1, that may have reverted your Mac to an un-patched state until you restarted your computer. It allowed a reporter to unlock the safeguards that prevent changes in "System Preferences" on the machine as well as letting someone log into the Mac from the lock screen by simply going to the "other user" tab. USA TODAY confirmed the vulnerability on a late 2013 MacBook Pro running MacOS 10.13.1, or MacOS High Sierra, and a late 2015 iMac running the same software.
#Mac sierra update bug full#
If the system allows you in, you would be able to add a new administrator-level account with full privileges on the system - all without a password to the computer. Put the cursor in the Password field and click there, but don't type anything To see if a Mac is vulnerable to the bug, follow these steps: To see which operating system a computer is running, click the apple icon in the upper left hand corner of the screen and then click "About this Mac." That will give the version number of the operating system. The bug was made public on Twitter Tuesday by Turkish software developer Lemi Orhan Ergin. There were also reports that in some cases, if a user had allowed screen sharing on their computer, it was possible to exploit the bug remotely. At the log-in screen, the bug allowed a user to type in "root" (with no quotations) as the user name, leave the password blank, and get in. The bug requires the would-be hacker to actually type on the Mac's keyboard, so the easiest fix was to keep vulnerable machines under lock and key - not always possible with laptops. Updates installed in the last 30 days appear below this list.
#Mac sierra update bug install#
Use the Update buttons to download and install any updates listed. Less than a day after the security bug to MacOS High Sierra was reported, Apple said Apple users need to install an update to the system to correct the problem.
SAN FRANCISCO - Apple on Wednesday pushed out a fix for a serious security bug that would have let anyone with physical access to its Mac laptops or desktop computers running the latest version of its operating system to easily infiltrate the computer.