Apple rolls out fix for MacBook's security flaw

Angelica Greene
December 4, 2017

In simpler words, while the security fix is buggy, researchers confirm that after updating to 10.13.1 and then re-installing the security fix, the security update dies finally kick in and resolve the issue, however, Apple gives no such instruction on the update, leaving the users who do not go through the re-installung process, still vulnerable. All Macs running High Sierra appeared to be affected.

The update fixes serious concerns of vulnerability that allowed anyone to log into a Mac without entering the password.

Apple has released macOS High Sierra 10.13.2 beta 6 which fixes a major vulnerability that allowed root access to macOS without a password. As of now, there is no software patch to fix the file sharing screw-up for everyday macOS users that may be uneasy about messing around in Terminal. Ergin said staff members reported the vulnerability to Apple on November 23, and he disclosed the flaw publicly in a tweet on Tuesday.

India, Iran, Afghanistan discuss Chabahar Port Development
India had been looking after the development of the Chabahar port as the Iranian government was focusing on its second phase. The first phase of the strategically located Chabahar port was inaugurated on Sunday by Iranian President Hassan Rouhani .

Marlins Agree to Giancarlo Stanton Trade Framework With Cardinals, Giants
The Giants and Cardinals each showed trade interest in Stanton, dating back to before the July 31 non-waiver Trade Deadline. The Dodgers are enamored with Stanton's power, but are concerned about the luxury-tax implications of trading for him.

Clemson, Oklahoma, Georgia and Alabama make College Football Playoff field
One of the asterisks next to OSU's resume is the 55-24 loss to Iowa earlier in the season. "You wouldn't be talking to me". The Big Ten-champion Buckeyes will play in the Cotton Bowl on December 29 against Pac-12 champion Southern California.

A few days ago, a bug was discovered that enabled root user access without a password when anyone attempted to login as root on a system without the root user enabled. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. "In the meantime, setting a root password prevents unauthorized access to your Mac. And worse, two of those Mac users say they've also tried re-installing Apple's security patch after that upgrade, only to find that the "root" problem still persists until they reboot their computer, with no warning that a reboot is necessary". Anyone can log in as "root" with empty password after clicking on login button several times.

"Oh my god that should not work but it does", another user responded yesterday on the forum.

Apparently, the only way to truly solve the problem for users that were "late" to update to the newest version of macOS High Sierra is to install 10.13.1, reboot, then install the root security update. When that happens, "Make sure to update your Macs and MacBooks at your earliest opportunity after it is released", he added.

Other reports by GizPress

Discuss This Article