large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

macOS High Sierra security flaw fixed — Apple urges Mac users to install update ASAP

Apple has promptly released a macOS High Sierra update to address a critical security flaw that made it easy for unauthorised users to commandeer Mac computers.

Yesterday it emerged it was possible to gain administrator privileges simply by typing the word “root” into user field and hitting login multiple times. The flaw required no password.

On Tuesday evening Apple acknowledged the issue, offered a temporary workaround and promised a full fix was incoming.

The fix, Security Update 2017–001, is now available from the Mac App Store now and should be installed immediately by anyone with a machine running High Sierra 10.13.1.

The Mac App Store listing also advises users to update “as soon as possible”

Apple has also taken the unusual step of… wait for it… apologising for making a mistake and putting its customers at risk.

In a statment, the firm said: “Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

“We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”

Related: Best laptops

Indeed, the basic flaw is not something we’ve come to expect from Apple, but at least the company has moved quickly to address the issue.

Does this oversight shake your confidence shake your confidence in macOS? Drop us a line @TrustedReviews on Twitter.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.