Apple just released a patch that fixes a recently revealed security vulnerability in macOS High Sierra. This is the bug that let anyone gain admin access to Mac accounts without typing in a password. It’s a bad one. Good news is that Apple is making it very easy to update your software and squash the bug. Just click the “Update” box when you see it!
Image: Gizmodo
Now I know software updates are a pain, but please do your security a favour and follow through with this one. If you’re running macOS High Sierra, you should soon see a pop-up that looks like this:
Again, click the “Update” box. It will only take a second. If you don’t see the pop-up, you can go to the Mac App Store and click the “Updates” tab to download the patch. You can find a link to the App Store by clicking the Apple icon in the menu bar.
Let me be very clear about this: You should do the security update because you do not want this bug on your Mac. Now that news of the vulnerability is out in the wild, hackers will be rushing to exploit it. And as we explained when the bug first appeared, hackers don’t necessarily need physical access to your computer in order to exploit it. They can snake their way in using the Mac’s screen share feature. If, for some strange reason, you can’t update your Mac immediately, you can apply a temporary Band-Aid by enabling a root user on your Mac. But really, just update your computer.
Now go forth and be secure, friendly Apple fan. It’s a fun thing to do.