Critical Security Update for macOS High Sierra Released to Fix Root Bug, Download & Install Now

Critical Security Update for macOS High Sierra Released to Fix Root Bug, Download & Install Now

Apple has issued a critical security update for macOS High Sierra to address the . , . This is perhaps the most urgent Security Update for macOS High Sierra system software released yet, as it will patch the security hole completely. The software update is labeled as Security Update 2017-001 and is exclusive to macOS High Sierra.

The brief notes attached to the App Store download say Install this update as soon as possible. Security Update 2017-001 is recommended for all users and improves the security of macOS. The security update, which seems to apply to the Directory Utility application in macOS, does not require the Mac to reboot for changes to take effect.

The download notes are brief (Install this update as soon as possible. Security Update 2017-001 is recommended for all users and improves the security of macOS.), but Apple details the bug and release notes for the security patch a big more : Security Update 2017-001 Released November 29, 2017 Directory Utility Available for: macOS High Sierra 10.13.1 Not impacted: macOS Sierra 10.12.6 and earlier Impact: An attacker may be able to bypass administrator authentication without supplying the administrators password Description: A logic error existed in the validation of credentials.

This was addressed with improved credential validation. CVE-2017-13872 When youinstall Security Update 2017-001on your Mac, the build number of macOS will be 17B1002. Learn how tofind the macOS version and build numberon your Mac. If you require the root user account on your Mac, you canenable the root user and change the root users password. Note that while you can download the software update yourself, Apple is reportedly going to start automatically pushing the download to macOS High Sierra machines later.

The simplest way to confirm that Security Update 2017-001 has been applied to a particular Macintosh running macOS High Sierra is to on the computer. In the example screenshot, the build version of macOS High Sierra is older than 17B1002, and thus the security patch has not yet been installed.

You can also check the build number of a Mac OS release by using Terminal and the following command syntax: According to tweets posted by TechCrunch reporter , Apple has released the following statement about the security flaw and the macOS High Sierra security update: Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole.

This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused.

Our customers deserve better. We are auditing our development processes to help prevent this from happening again. Note Apple specifically says the update is available to download now, and This seems to imply that Apple will use the automated security update mechanism available through the Mac App Store to try and push the critical security update onto customers.

It is strongly recommended to install the security software update onto any Macintosh running macOS High Sierra as soon as possible. A direct download link for macOs High Sierra Security Update 2017-001 is not yet available, but should appear once it shows up.