Critical update for MacOS High Sierra ‘root’ bug released by Apple

1

INQUIRER.net stock photo

The much-needed patch to address the high-risk root access security bug for the MacOS High Sierra has been released. Apple urges users to download immediately.

This update has been labeled “Security Update 2017–001” and a support page for it has also been put up.

According to MacRumors, Apple released a statement apologizing for the security issue.

“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS,” said Apple. “When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole.”

Apple said that this morning, as of 8 a.m., the update is available for download. Starting later today, it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

“We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused,” the tech company’s statement further said. “We are auditing our development processes to help prevent this from happening again.”

The root security bug had been made public when Twitter user Lemi Orhan Ergin shared it in social media yesterday. It allowed anyone access to a Mac running High Sierra version 10.13.1 (17B48) by simply typing “root” on the login window. Apple quickly offered a workaround while their engineers finished making a security update to address the issue. Alfred Bayle/JB

RELATED STORIES:

Apple offers workaround to MacOS High Sierra root login security bug

Firefox Quantum challenges Chrome; claims better speed, lower memory usage

Apple ID passwords may be vulnerable to iOS phishing attacks

Read more...