It has been reported by news outlets recently that a vulnerability in macOS High Sierra exists in which an attacker may be able to bypass administrator authentication by accessing the system as “root” without entering the administrator’s password. Yesterday, Apple announced the release of “Security Update 2017-001” that will resolve the issue. It is important to note that the “root” account within macOS High Sierra is disabled by default. Users of macOS High Sierra will not be affected unless this account has manually been enabled.
The TTU IT Division recommends if you are using macOS High Sierra that you apply the security update at your earliest convenience. Updates can be applied by opening the App Store app on your Mac. Click Updates in the App Store toolbar, then use the Update buttons to download and install any updates listed. Please note that “Security Update 2017-001” is only available for systems running macOS High Sierra 10.13.1. If you are running 10.13 you will need to update to 10.13.1 first, then update the latest security release. If you are unsure what version of macOS you are running, please refer to the below link.
How to: Determine the version of MacOS installed on your computer
For questions or concerns in the meantime, please contact IT Help Central at (806) 742-4357 (HELP) or via email at ithelpcentral@ttu.edu.
