Apple issued a new patch for macOS 10.13 High Sierra this morning (Nov. 29), and you should apply the patch as soon as possible. The fix takes care of a massive security vulnerability that became public yesterday (Nov. 28) and allows anyone to gain root access to a Mac without any password.
The fix, entitled Security Update 2017-001, is available to users on macOS High Sierra version 10.13.1. To apply it, simply go into the App Store application, wait for the update to appear, and then authorize its download and installation. (You'll have to enter the user name and password of an administrator account if you're not already running in one.)
"A logic error existed in the validation of credentials," Apple's security-update note reads. "This was addressed with improved credential validation."
The vulnerability was disclosed on Twitter yesterday afternoon Eastern time by Turkish app developer Lemi Orhan Egan, although it later became apparent that Apple developers had already been quietly discussing the flaw in online forums for a couple of weeks.
The patch came less than 24 hours after Egan's tweet. Prior to the fix, Apple recommended users protect against exploits of the flaw by simply adding a password to root account on their Macs.
Mac to PC Guide: How to Make the Switch
- Create a Microsoft Account
- Set Up and Use iCloud on Windows
- Format a Hard Drive For Both Windows and Mac
- Move Your Mac files to a Windows PC
- Convert Mac-Specific Files To Work on Windows 10
- Authorize Your New PC with Your iTunes Account
- How to Import iPhone Photos to Windows 10
- A Guide to Windows 10 Touchpad Gestures for Mac Users
- A Mac User’s Guide to Windows 10 Keyboard Shortcuts
- Sign Into Facebook and Twitter in Windows 10
- Set Up iCloud Email and Calendars on Windows 10
- How to Force Quit in Windows 10
- How to Install Apps in Windows 10
- Make Desktop Shortcuts in Windows 10
- Snap 4 Windows at Once in Windows 10
- How to Use Cortana in Windows 10: Tips and How-Tos
- Install QuickTime on Windows 10