Apple Releases macOS High Sierra Security Update to Fix Root Password Vulnerability

Apple today released Security Update 2017-001 to fix a serious vulnerability that enables access to the root superuser account with a blank password on any Mac running macOS High Sierra version 10.13.1.


The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.

The security update is rolling out on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless, starting later today, Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.

Apple has since apologized for the vulnerability in a statement issued to MacRumors:

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

The vulnerability does not affect macOS Sierra or any other previous version of the operating system.

Top Rated Comments

(View all)
Avatar
34 months ago
How embarrassing...

I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.
Score: 42 Votes (Like | Disagree)
Avatar
34 months ago

That was quick

And it was utterly necessary that it be just that.
Score: 36 Votes (Like | Disagree)
Avatar
34 months ago
That was quick
Score: 34 Votes (Like | Disagree)
Avatar
34 months ago

How embarrassing...

I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.

You ever heard of Windows? Perhaps you should read up on that OS if you haven't.

Also, give me a break. Nobody finds everything, not even "Apple". Patched quickly and painlessly. Move along.
Score: 31 Votes (Like | Disagree)
Avatar
34 months ago

You ever heard of Windows? Perhaps you should read up on that OS if you haven't.

Also, give me a break. Nobody finds everything, not even "Apple". Patched quickly and painlessly. Move along.

Three... count 'em... THREE... critical and ridiculous security issues with Mac OS High Sierra within as many months. This one, the Disk utility one, and the keychain one. And that's just the security issues...

There's no excuse for it. Saying "well, microsoft is just as bad" just means that Apple is stooping to Microsoft's level... but I'd actually venture to say that Apple is starting to get worse than Microsoft when it comes to Mac OS vs Windows.
Score: 13 Votes (Like | Disagree)
Avatar
34 months ago
This is actually an argument in favor of public disclosure of vulnerabilities. Lemi Orhan Ergin was catching a lot of criticism yesterday for posting it on twitter, but if this bug had been reported privately, it would have taken much longer to fix, while malicious actors would be able to exploit it all along.
Score: 10 Votes (Like | Disagree)

Top Stories

Apple Warns Against Closing MacBooks With a Cover Over the Camera

Friday July 10, 2020 11:12 am PDT by
Apple this month published a support document that warns customers against closing their Mac notebooks with a cover over the camera as it can lead to display damage. Image via Reddit Apple says that the clearance between the display and the keyboard is designed to very tight tolerances, which can be problematic. Covering the camera can also cause issues with automatic brightness and True Tone....

iPhone Users Who Experienced 'Batterygate' Can Now File to Receive Around $25 Settlement From Apple

Monday July 13, 2020 6:50 am PDT by
Earlier this year, Apple agreed to settle a U.S. class action lawsuit that accused the company of "secretly throttling" older iPhone models. Now, eligible iPhone owners are beginning to be notified about their legal rights and options. Under the proposed settlement, Apple will provide a cash payment of approximately $25 to each eligible iPhone owner who submits a claim, with its total payout ...

Apple Moving Forward on Semitransparent Lenses for Upcoming AR Headset

Friday July 10, 2020 7:24 am PDT by
Apple and Foxconn have reached a key milestone in the development of Apple's long-rumored augmented reality headset, with the semitransparent lenses for the device moving from prototype to trial production, reports The Information. Apple is developing the lenses on a single production line at a Foxconn factory in Chengdu in southwestern China, where most of Apple’s iPad production is...

Arm-Intel-PowerPC Universal Binaries Are Possible

Saturday July 11, 2020 1:42 pm PDT by
Casual MacRumors visitors may not realize that we have a very active PowerPC forum where users discuss issues related to PowerPC Macs that have not been produced since 2006. Threads range from hardware upgrades and software options to nostalgia: Photo by AphoticD Apple's recently announced transition to Apple Silicon (Arm) based Macs raised some interesting questions about future support...

Possible 'iPhone 12' Battery Certifications Suggest Lower Capacities Than iPhone 11 Series

Monday July 13, 2020 4:22 am PDT by
MySmartPrice has spotted certifications for three new Apple batteries that it believes could be for the upcoming iPhone 12 lineup, despite them being less capacitive than the batteries in the current iPhone 11 series. The batteries are identified with the model numbers A2471, A2431, and A2466, and appear on Safety Korea, China's 3C, and the Danish agency UL Demko. Apple is expected to...

Leaker: 'iPhone 12 Pro' to Come With 6GB of RAM

Friday July 10, 2020 1:59 am PDT by
Later this year, Apple is expected to release four OLED iPhones in three display sizes, including 5.4, 6.7, and two 6.1-inch models. Rumors suggest the 6.7-inch iPhone and one 6.1-inch model will be higher-end devices, and now leaker @L0vetodream has corroborated previous rumors about the internal specs of Apple's upcoming lineup. Rumors suggest Apple will use 5-nanometer A14 chips in its...

Kuo: Apple Silicon Macs to Include 13-inch MacBook Pro and MacBook Air This Year, 14.1-inch and 16-inch MacBook Pro Models Next Year

Friday July 10, 2020 2:58 am PDT by
At last month's WWDC, Apple officially announced that its Mac computers will be transitioned from Intel x86 to homegrown Apple Silicon chips. Apple said it plans to deliver the first Apple Silicon Mac by the end of the year and complete the transition in about two years. According to Apple analyst Ming-Chi Kuo, a 13.3-inch MacBook Pro with a form factor similar to the current 13.3-inch...

Google to 'Dramatically' Improve Chrome Impact on Mac Battery Life

Sunday July 12, 2020 1:56 pm PDT by
Google will address long-standing battery life issues, particularly on Mac devices, reports The Wall Street Journal. Chrome will improve "tab throttling" by better prioritizing active tabs and limiting resource drain from tabs open in the background. This is said to have a "dramatic impact on battery and performance." Google has reportedly been performing early tests on Mac laptops in...

Top Stories: iOS 14 Public Beta, iPhone 12 Size Comparison, 14-Inch MacBook Pro Rumors

Saturday July 11, 2020 6:00 am PDT by
After one round of developer beta testing, Apple unleashed iOS and iPadOS 14 to a wider audience this week, opening it up to members of the public beta program. There are lots of changes and new features to check out, but as with any beta, be careful about installing it on your main devices. Subscribe to the MacRumors YouTube channel for more videos. Other major stories this week included our ...

Apple Shares Humorous 'Working-From-Home Thing' Video

Monday July 13, 2020 9:31 am PDT by
Apple today shared a funny video focused on the problems that people working from home have to deal with, including noisy children, chaotic schedules, communication issues, and more. The video focuses on showing off Apple products and their capabilities that can be useful when working from home, such as the ability to scan a document with an iPhone, mark up a PDF, Siri Reminders, and more.The...