Apple have just released a patch which will be automatically installed on systems running the latest macOS 10.13 version of the High Sierra operating system. If you are not running this version on your Mac, you should upgrade to it and ensure that the security patch is applied.
The patch, given the CVE ID: CVE-2017-13872, corrects a bug giving anyone with physical access to a computer running the latest version of the operating system admin access simply by putting “root” in the user name field. According to Apple, the bug only affects macOS Sierra 10.13.1, and does not affect macOS Sierra 10.12.6 or earlier.
Unusually, the bug was announced by a developer, Lemi Orhan Ergin, who publicised the flaw on Twitter rather than going through the usual step of advising the software manufacturer (in this case Apple) of the bug, thus allowing them to release a patch before the flaw was announced to the world and thus making the flaw available to malicious users before the patch could be released.
Apple Security Update – https://support.apple.com/en-us/HT208315
National Vulnerability Database (NIST, USA) – https://nvd.nist.gov/vuln/search/
Who is Going to the Microsoft Summit this week?
The brand new Microsoft Tech Summit is in Sydney this week and DDLS will be... Next Post
Appreciation and Recognition: The Dos and the Don’ts
Not all employee recognition programs are created equal. So when you’re trying to develop the most effective program for your...