December 22, 2024
Apple Apologizes to All Mac Users, Releases Security Update to Fix Root Password Vulnerability in macOS High Sierra

Apple Apologizes to All Mac Users, Releases Security Update to Fix Root Password Vulnerability in macOS High Sierra

Posted November 29, 2017 at 5:30pm by iClarified
Apple has issued an apology 'to all Mac users' following the discovery of a major root password vulnerability discovered in macOS High Sierra. The company has also released a security update which will be automatically installed on all systems running High Sierra 10.13.1.

---
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.


We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
---

Apple Apologizes to All Mac Users, Releases Security Update to Fix Root Password Vulnerability in macOS High Sierra


Security Update 2017-001
● Available for: macOS High Sierra 10.13.1
● Not impacted: macOS Sierra 10.12.6 and earlier
● Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
● Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
● CVE-2017-13872

When you install Security Update 2017-001 on your Mac, the build number of macOS will be 17B1002.


Read More [via MacRumors]


Apple Apologizes to All Mac Users, Releases Security Update to Fix Root Password Vulnerability in macOS High Sierra
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (7)
You must login or register to add a comment...
D4xM4Nx
D4xM4Nx - November 30, 2017 at 8:57am
How about compensating us for the security risk, Apple? I was already covered, but most folks aren't tech savvy and they were put into a dangerous path... Shit happens, when people are so obsessed looking for flaws, they're always gonna find them. At least Apple acted quickly, searching for feedback from users to make sure this update isn't a dud.
landro
landro - November 30, 2017 at 6:47am
It's almost as embarrassing as iClarified the supposed "definitive resources for Apple news" not updating their app for the iPhone X.....
iPho Soup
iPho Soup - November 29, 2017 at 7:35pm
"[O]ur security engineers became aware of the issue Tuesday afternoon..." _TUESDAY afternoon_ when it should've been known to them at least two weeks earlier: twitter.com/fristle/status/935670476214378496
Irfy
Irfy - November 29, 2017 at 5:40pm
Haha, tim you’re really messing up mr Jobs company and sending it down the pan
rantanplan
rantanplan - November 29, 2017 at 6:42pm
I would concur to that statement – 3,5" is the perfect size for a phone and I also prefer the 3:2 aspect ratio of the display. That’s why I’m still love to use a 3GS, although newer models have way more features, they are just unwieldy in use.
ACKTUALLY
ACKTUALLY - November 30, 2017 at 1:15am
Apple hasn't been a great company or at least a visionary one in years. The iPhone was last exciting in it's 5/SE form factor. Handsets are about to start going down in size and it looks like Samsung & Huawei, Honor, OnePlus - and even Google (HTC) are about to be able to lap them. I'm writing this on a MacBook & as an iPhone user myself - their IP is stale and boring now. Face ID is now a two step process which i'm sure will be part of a third hack and identity theft within a year. They release unpolished versions of iOS and this current root hack loophole on MacOS just looks bush league. I've been using Macs since 1999, never anything else and the last year alone has seen so many missteps and problems it makes me wonder what i'm doing. iPhone X is a let down. A literal notch or in this case a bump in their storied history as a tech giant. When they start manufacturing their own OLED displays, camera tech & borrowing Android UI and push themselves to be the company that i drew up on again i'll give them another chance - right now i'm sticking to my iPhone 7 and waiting for 1st quarter of 2018 and CES to see what i'll use next on Android.
Lea
Lea - December 1, 2017 at 1:09am
Bye! Don’t let the door hit ya!
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS