An official fix is now available via Apple directly as of today, Nov 29 less than 24 hours after the vulnerability was discovered. You can also fix this via the steps below.
After a security flaw was detected by a software developer who publicly announced the error Tuesday, Apple has now responded with a security update available through the mac App store (blue icon) in less than 24 hours. If you do not see the expected update for your Mac, install any updates listed and then return back to the Updates tab to see. You can also search for the app to update - in this case, that would be High Sierra. Here’s Apple’s guidelines.
This security update is important to install because a vulnerability in the ‘root’ user account can give a hacker access to other areas of your computer, including your private files, as Apple explains.
Users with macOS Sierra 10.12.6 were not affected by this security vulnerability. The new update fixes a logic error that existed in the validation of credentials. This error has now been addressed with improved credential validation.
There are two steps you can take to close this security hole on your own. They include limiting guest access and changing the root password.
To access this page, you may have to first click on the lock on the lower left and authenticate your account before you can make any changes in this area.
We have assisted many businesses in implementing MDMs, developing custom security policies and procedures, and redesigning their networks.The list goes on and on. Contact us today and see how we can help you too.
Contact SalesWe are a remote and fully distributed, Nationwide Apple focused MSP serving Washington DC, Philadelphia, New York, Chicago, San Francisco, San Diego & more.
We focus on providing top notch Mac Support for small to mid-sized businesses. Contact us, and learn how we can help your company.
© Grove Technologies is a registered service mark of Grove Technologies LLC. All Rights Reserved. Privacy Policy. Cookie Preferences