Video: Apple MacOS High Sierra's biggest changes aren't visible
Apple has issued a fix for the "root" security flaw in the latest release of macOS High Sierra that allowed full admin access without a password.
The Cupertino, Calif.-based tech giant confirmed the existence of the bug on Nov. 28 and said it was working on a software update to address the issue. That fix has now been released less than 24 hours later and is detailed here.
Apple has also issued the following statement:
"Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again."
While Apple was quick to remedy the security flaw, many are chiding the company for what is now the fourth password-related security problem since High Sierra was released in September. Nonetheless, the security update is rolling out now in the Mac App Store, and it's recommended that all users running macOS High Sierra install it immediately.