Login

mrtrout · 11-30-2017 , 09:16 PM

http://www.majorgeeks.com/news/story/app...ility.html Apple Patches MacOS High Sierra Security Fix for Critical Root Vulnerability
Posted by: Timothy Tibbetts on 11/30/2017 10:46 AM [ Comments ]
Apple has quickly patched the critical root vulnerability we reported on yesterday.

Here are the details per Apple:

"SECURITY UPDATE 2017-001

Released November 29, 2017

Directory Utility

Available for: macOS High Sierra 10.13.1

Not impacted: macOS Sierra 10.12.6 and earlier

Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password

Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.

CVE-2017-13872

When you install Security Update 2017-001 on your Mac, the build number of macOS will be 17B1002. Learn how to find the macOS version and build number on your Mac.

If you require the root user account on your Mac, you can enable the root user and change the root user’s password."

Apple took care of this one quickly and all Mac users should update immediately.

Login
Username:
Password:	Lost Password?
	Remember me

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Google Patches 48 Vulnerabilities With First Set of 2022 Android Updates	mrtrout	0	779	01-06-2022 , 12:48 AM Last Post: mrtrout
	Apple releases iOS 14.4.1 and macOS 11.2.3 to address a WebKit vulnerability	Bjyda	0	1,299	03-08-2021 , 11:05 PM Last Post: Bjyda
	Apple starts taking countermeasures against new macOS malware strain	mrtrout	0	940	02-23-2021 , 12:26 AM Last Post: mrtrout
	Security threat to critical infrastructure reaches record high	Bjyda	0	930	02-21-2021 , 12:42 AM Last Post: Bjyda
	TIM’s Red Team Research (RTR) discovered a critical zero-day vulnerability in IBM Inf	Bjyda	0	2,354	02-13-2021 , 10:07 PM Last Post: Bjyda