Apple’s macOS ‘root’ bug can be reopened by updating
After news broke of a devastating security flaw in its most recent version of macOS, Apple responded quickly by releasing a patch. Installing Security Update 2017-001 on either macOS 10.13 or 10.13.1 will resolve a problem that allowed anyone to login with admin access simply by typing the username “root” and leaving the password blank, but people have discovered there’s another wrinkle.
As Wired mentions, if someone is still on the initial release of High Sierra (10.13), and installs the patch, then later updates to 10.13.1, then the security flaw will return. It can be fixed by reinstalling the patch, but it’s important for users to know that the computers won’t restart itself, and it needs to be restarted before it will be secure. It’s hardly impossible, but it could leave people insecure even if they think they’ve installed patches the right way, and probably explains why (when they can) companies wait for more testing before rolling out a patch.
tl;dr: Mac owners, mash that update button — reboot, check again to make sure you have all the updates, and if they need to install then reboot your system again once they’re done. If you have any problems afterward with file sharing, then just take a look here for a fix.
(40)