If you're new to AirPods, considering buying a pair, or just want to pick up some new tips.
AirPods and AirPower: Everything We Know
Apple Releases macOS High Sierra Security Update to Fix Root Password Vulnerability
Apple today released Security Update 2017-001 to fix a serious vulnerability that enables access to the root superuser account with a blank password on any Mac running macOS High Sierra version 10.13.1.
The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.
The security update is rolling out on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless, starting later today, Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.
Apple has since apologized for the vulnerability in a statement issued to MacRumors:
The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone gain administrator privileges by simply entering the username "root" and a blank password in System Preferences > Users & Groups.
The security update is rolling out on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless, starting later today, Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.
Apple has since apologized for the vulnerability in a statement issued to MacRumors:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.The vulnerability does not affect macOS Sierra or any other previous version of the operating system.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
[ 288 comments ]
Top Rated Comments
(View all)
16 months ago
How embarrassing...
I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.
I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.
16 months ago
How embarrassing...
I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.
You ever heard of Windows? Perhaps you should read up on that OS if you haven't.
Also, give me a break. Nobody finds everything, not even "Apple". Patched quickly and painlessly. Move along.
16 months ago
You ever heard of Windows? Perhaps you should read up on that OS if you haven't.
Also, give me a break. Nobody finds everything, not even "Apple". Patched quickly and painlessly. Move along.
Three... count 'em... THREE... critical and ridiculous security issues with Mac OS High Sierra within as many months. This one, the Disk utility one, and the keychain one. And that's just the security issues...
There's no excuse for it. Saying "well, microsoft is just as bad" just means that Apple is stooping to Microsoft's level... but I'd actually venture to say that Apple is starting to get worse than Microsoft when it comes to Mac OS vs Windows.
16 months ago
This is actually an argument in favor of public disclosure of vulnerabilities. Lemi Orhan Ergin was catching a lot of criticism yesterday for posting it on twitter, but if this bug had been reported privately, it would have taken much longer to fix, while malicious actors would be able to exploit it all along.
16 months ago
Let's face it. Every operating system or application will come across vulnerabilities, but it doesn't truly matter how bad or embarrassing they are (like this one was).
The real test of a quality company is how fast they can provide the update/patch to fix the security issues.
This was a big miss on the "QA front end" for Apple, but it was an excellent timely response to an urgent issue.
The real test of a quality company is how fast they can provide the update/patch to fix the security issues.
This was a big miss on the "QA front end" for Apple, but it was an excellent timely response to an urgent issue.
16 months ago
Does Craig loose some stock options for this and other software bugs that seem to become more prevalent with Apple software?
16 months ago
How embarrassing...
I wish Apple did a better job testing their releases. We used to enjoy such high quality when it came to software updates and releases.
Typical knee-jerk response from someone who doesn't understand the nature of the bug or the scope of OS development and testing.
[ Read All Comments ]
Google's "Keep" app for taking notes and making lists today expanded to the Apple Watch, allowing the app's users to use the note taking and list making functionality right on their...
Apple today seeded the third beta of an upcoming macOS Mojave 10.14.4 update to its public beta testing group, one day after seeding the third beta to developers and two weeks after releasing the...
Apple today seeded the third beta of an upcoming tvOS 12.2 update to developers for testing purposes, two weeks after seeding the second beta and a month after releasing the tvOS 12.1.2 update.
...
Apple today seeded the third beta of an upcoming watchOS 5.2 update to developers, two weeks after seeding the second watchOS 5.2 beta and a month after releasing watchOS 5.1.3.
Once the proper...
GM was one of the early adopters of CarPlay, with the feature debuting on a few 2016 Chevrolet models and rapidly spreading across the company's various brands including Buick, GMC, and...
Following an announcement last year and launch in Europe, Eve Systems today released the portable LED lamp Eve Flare in the United States and Canada. Similar to Hue Go, Eve Flare lets you pick up and...
SoundCloud today announced a new feature that allows creators to distribute their music directly to major streaming music services like Apple Music, Spotify, and Amazon Music (via Billboard). The...
Printer company Epson today announced the launch of voice-activated mobile printing support for Siri, Amazon Alexa, and Google Assistant. With the addition, iOS users can snap a photo and ask Siri to...
