Apple Releases macOS High Sierra Security Update to Fix Root Password Vulnerability
Apple today released Security Update 2017-001 to fix a serious vulnerability that enables access to the root superuser account with a blank password on any Mac running macOS High Sierra version 10.13.1.
The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.
The security update is rolling out on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless, starting later today, Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.
Apple has since apologized for the vulnerability in a statement issued to MacRumors:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
The vulnerability does not affect macOS Sierra or any other previous version of the operating system.
Popular Stories
Apple released iOS 18.2 in the second week of December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. Apple has added a handful of new non-AI related feature controls as...
The current Apple TV 4K was released more than two years ago, so the streaming device is becoming due for a hardware upgrade soon. Fortunately, it was recently rumored that a new Apple TV will launch at some point next year.
Below, we recap rumors about the next-generation Apple TV.
Bloomberg's Mark Gurman last week reported that Apple has been working on its own combined Wi-Fi and...
Wednesday December 18, 2024 11:39 am PST by
Juli CloverApple is no longer planning to launch a hardware subscription service that would let customers "subscribe" to get a new iPhone each year, reports Bloomberg's Mark Gurman.
Gurman first shared rumors about Apple's work on a hardware subscription service back in 2022, and at the time, he said that Apple wanted to develop a simple system that would allow customers to pay a monthly fee to gain...
Contrary to recent reports, the iPhone 17 Pro will not feature a horizontal camera layout, according to the leaker known as "Instant Digital."
In a new post on Weibo, the leaker said that a source has confirmed that while the appearance of the back of the iPhone 17 Pro has indeed changed, the layout of the three cameras is "still triangular," rather than the "horizontal bar spread on the...
Wednesday December 18, 2024 10:05 am PST by
Juli CloverElevation Lab today announced the launch of TimeCapsule, an innovative and simple solution for increasing the battery life of Apple's AirTag.
Priced at $20, TimeCapsule is an AirTag enclosure that houses two AA batteries that offer 14x more battery capacity than the CR2032 battery that the AirTag runs on. It works by attaching the AirTag's upper housing to the built-in custom contact in the...
Apple on Monday seeded the first tvOS 18.3 beta to developers for testing. The update will likely be released in January. So far, there are only minor changes for the Apple TV, with one new feature and a few code changes discovered.
Below, we outline what is new in tvOS 18.3 so far.
Robot Vacuum Support in Home App
First, tvOS 18.3 will add robot vacuum support to the Home app on the...
Blackmagic today announced that its URSA Cine Immersive camera is now available for pre-order, with deliveries set to start late in the first quarter of 2025. Blackmagic says that this is the world's first commercial camera system designed to capture 3D content for the Vision Pro.
The URSA Cine Immersive camera was first introduced in June, but it has not been available for purchase until...
Apple is planning a series of "major design" and "format changes" for iPhones over the next few years, according to The Wall Street Journal's Aaron Tilley and Yang Jie.
The paywalled report published today corroborated the widely-rumored "iPhone 17 Air" with an "ultrathin" design that is thinner than current iPhone models. The report did not mention a specific measurement, but previous...
