NEWS
Home / News / News Details

Apple Releases A macOS Security Update to Fix Huge Login Security Flaw

11/30/2017

3165

Apple Releases A macOS Security Update to Fix Huge Login Security Flaw


Apple has just released a security update for macOS High Sierra and you should update right now (Apple will automatically push the security patch later today). This update fixes yesterday’s very concerning vulnerability that let anyone log into your Mac without your password.


In order to install the update, open the Mac App Store and click on the “Updates” tab. Interestingly, the release notes say “install this update as soon as possible.” Apple has worked long hours to fix yesterday’s flaw as soon as possible. But it shouldn’t have happened in the first place.


Apple Releases A macOS Security Update to Fix Huge Login Security Flaw


The security flaw affected all Macs running the latest version of High Sierra (at least version 10.13.1 — 17B48). On the login screen or in the preference panel, you could bypass all security screens by entering the root username and no password. Multiple persons at TechCrunch tested the flaw and could replicate it effortlessly. After that, you can see everything on the computer even if it’s not yours. It even works with a screen sharing session. For hackers, it’s a great way to access your emails, personal data and more.


Apple Releases A macOS Security Update to Fix Huge Login Security Flaw


The patch release notes are quite short. “A logic error existed in the validation of credentials. This was addressed with improved credential validation,” Apple says.


Update: Apple will automatically roll out the update later today for everyone who is affected. Apple has provided the following statement:


“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.


When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.


We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”


Source: techcrunch
Related Articles
macOS High Sierra 10.13.2 Beta 4 Now Available
iOS 19 Will Bring Biggest Design Overhaul Since iOS 7
Apple Releases macOS Catalina With Find My, Screen Time, and No More iTunes
Apple Releases macOS Catalina 10.15.5 With Battery Health Management Features
Apple Releases macOS Mojave 10.14.1 Supplemental Update for 2018 MacBook Air
Apple Seeds macOS Big Sur 11.0.1 Release Candidate to Developers
MacOS 10.12.3 + iTunes 12.5.5 Hit the Mac App Store
Apple Releases First iOS 11.1, watchOS 4.1, tvOS 11.1, and macOS 10.13.1 Developer Betas
Connect with us
About Us Legal Statement Disclaimer
© 2010 - 2025 3uTools. All Rights Reserved.
3uTools lets you manage, customize, and enhance your iPhone or iPad with ease
An All-in-one Tool for iOS Devices
Windows
Mac OS
iOS
Linux
3uTools
Win 64-bit For this device
V9.01 2025-12-27
Download
Win 32-bit For this device
V9.01 2025-12-27
Download
Download V3 version
3uTools
Intel Chip How to Identify Chip Type
V9.01 2025-12-31
Download
Apple Silicon
V9.01 2025-12-31
Download
How to Identify Chip Type
1.  Click the Apple icon in the top-left corner of the screen and select About This Mac.
2.  Check the Processor or Chip field to determine if it is "Intel" or "Apple".
Please right-click the installer package and select "Open" to begin installation.
If installation fails, please view the troubleshooting solutions!
Please use the 3uTools PC client to install the iOS client:
1、 Install either the Windows or Mac version of 3uTools on your computer
2、 Open the PC client and connect your device to the computer via USB cable
3、 After the connection is successful, wait for the computer to automatically install the mobile app for the device, or locate “Install Mobile App” on the computer and manually click to install.
3uTools
deb file
V3.01 2025-11-20
Download
rpm file
V3.01 2025-11-20
Download
The deb file can be installed via command line: sudo dpkg -i yourpath/3uTools.deb
The rpm file can be installed via command line: rpm -ivh --nodeps yourpath/3uTools.rpm
Windows
Windows
iOS
iOS
Android
Android
TV
TV
3uAirPlayer
Win 64-bit For this device
V6.0.2 2025-11-19
Download
Win 32-bit For this device
V6.0.2 2025-11-19
Download
iOS Device Mirroring (No App Required)
1、 Install 3uAirPlayer on the Windows PC
2、 Open Control Center and select Screen Mirroring
3、 From the list, choose your PC to start mirroring
4、 Or connect your iOS device to the PC via USB to begin mirroring
Scan to get "3uAirPlayer" App
3uAirPlayer TV V1.0.18
2025-11-28
Download
TV System Requirements: Android 7.0 or later
Download the TV installation package, copy it to a USB drive, insert it into your TV or set-top box, then select the file from the home screen to install.