Apple Patches Mac OS Security Bug

PHOTO: APPLE

Apple Patches Mac OS Security Bug

Apple has patched a macOS High Sierra flaw that would allow intruders to gain full administrator access on your system.

Apple has patched a macOS High Sierra flaw that would allow intruders to gain full administrator access on your system. Security Update 2017-001 should be installed by Mac users running High Sierra as soon as possible.

The company released Security Update 2017-001 Wednesday to fix a bug that would allow people to gain control over a Mac simply by putting “root” as the username and hitting the Return key a few times.

The bug was made public Tuesday on Twitter by Turkish software designer Lemi Orhan Ergin. Ergin has been criticized for not following responsible guidelines by notifying Apple of the security flaw with reasonable time to fix it before going public.

Luckily, the threat of an attack to your system’s security using this flaw is fairly low in practice. Anyone wanting to exploit the bug would have to have physical access to your Mac, and you could also avoid it by following instructions issued by Apple to set up a root password.

In a statement issued by Apple, the company apologized for the error and said that starting late Wednesday the patch would be “automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.”

Some security experts remain critical of Apple’s security.

“Recent years have not been good for anyone relying on OS X for security,” Tripwire computer security researcher Craig Young said. “Apple needs to seriously re-evaluate how they perform quality assurance testing, as there is really no excuse for releasing macOS with some of these blatant security failings.”

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services
  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

  • Pragmatism, Productivity, and the Push for Accountability in 2025-2026

    Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.