Apple recently discovered a security flaw lurking in the latest version of macOS, High Sierra. The flaw allowed users to obtain administrative access to Mac computers without the use of a password. The company released a fix in less than 24 hours.
The update is designated with the name "Security Update 2017-01." Apple recognized how serious the security risk was and recommended that users install the update immediately.
According to the update page, affected operating systems (OS) are macOS High Sierra 10.13 and macOS High Sierra 10.13.1. Mac computers running macOS Sierra 10.12.6 and earlier are not affected.
The security update is meant to fix the flaw, but some users may find someproblems with file sharing after installing it. However, Apple published some steps on how to fix the file sharing problem as well.
Apple is serious about spreading the update wide and fast. Users of the affected OS need only open the Mac App Store to see the update ready for download and installation. In addition, the update has been automatically downloading and applying itself to affected computers since on Nov. 29.
According to The Verge, Apple has issued an apology in light of the security flaw's discovery. The company said that security is a top priority for Apple products and admitted that they "stumbled" with the recent macOS release. They added that they are auditing their development processes so that similar incidents will not happen again.
The security flaw was made public via Twitter on Nov. 29, when a user named @lemiorhan notified Apple of the issue. The user noted how High Sierra is vulnerable to logins that use "root" as the username while leaving the password field blank. The company had no knowledge of the flaw prior to the tweet.
Apple recognized the issue and their engineers got to work as soon as they heard of the problem.
