Apple just released a patch that fixes a recently revealed security vulnerability in macOS High Sierra. This is the bug that let anyone gain admin access to Mac accounts without typing in a password. It’s a bad one. Good news is that Apple is making it very easy to update your software and squash the bug. Just click the “Update” box when you see it!
Now I know software updates are a pain, but please do your security a favour and follow through with this one. If you’re running macOS High Sierra, you should soon see a pop-up that looks like this:
Again, click the “Update” box. It will only take a second. If you don’t see the pop-up, you can go to the Mac App Store and click the “Updates” tab to download the patch.
Let me be very clear about this: You should do the security update because you do not want this bug on your Mac. Now that news of the vulnerability is out in the wild, hackers will be rushing to exploit it. And as we explained when the bug first appeared, hackers don’t necessarily need physical access to your computer in order to exploit it. They can snake their way in using the Mac’s screen share feature. If, for some strange reason, you can’t update your Mac immediately, you can apply a temporary stopgap by enabling a root user on your Mac. But really, just update your computer.
Now go forth and be secure, friendly Apple fan. It’s a fun thing to do.