Advertisment

Apple releases update to fix macOS security flaw

author-image
CIOL Writers
New Update
macbook e

Apple has released a security update for macOS High Sierra that fixes the serious security flaw that let anyone log into your Mac without your password.

Advertisment

The critical bug, which gained attention after it was tweeted by developer Lemi Ergin, lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.

While, initially Apple was urging customers to “install this update as soon as possible,” later in the day, the company started rolling it out automatically for everyone who is affected. Apple has provided the following statement: “Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

Advertisment

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”

The security flaw affected all Macs running the latest version of High Sierra (at least version 10.13.1 — 17B48).

cyber-security apple mac