Got a question? Call 0800 835 835   |   
Contact usCheckoutContact us

Tales from the Certified Hacker: Urgent macOS patch out now!

By DDLS Webmaster | 30 November 2017

Apple have just released a patch which will be automatically installed on systems running the latest macOS 10.13 version of the High Sierra operating system. If you are not running this version on your Mac, you should upgrade to it and ensure that the security patch is applied.

The patch, given the CVE ID: CVE-2017-13872, corrects a bug giving anyone with physical access to a computer running the latest version of the operating system admin access simply by putting “root” in the user name field. According to Apple, the bug only affects macOS Sierra 10.13.1, and does not affect macOS Sierra 10.12.6 or earlier.

Unusually, the bug was announced by a developer, Lemi Orhan Ergin, who publicised the flaw on Twitter rather than going through the usual step of advising the software manufacturer (in this case Apple) of the bug, thus allowing them to release a patch before the flaw was announced to the world and thus making the flaw available to malicious users before the patch could be released.

References: Apple Security Update – https://support.apple.com/en-us/HT208315 National Vulnerability Database (NIST, USA) – https://nvd.nist.gov/vuln/search/

Stay safe, Terry Griffin


Feature Articles


Blog
Understanding PRINCE2 Version 6 vs 7: Themes, risks & issue management
By Fred Carenese | 21 May 2024
Read
Blog
The Growing Importance of Management Skills and the AMA CPM Certification in 2024
By Gary Duffield | 29 July 2024
Read
Blog
Transforming Your Business and Workforce with Microsoft AI Training
By Leif Pedersen | 30 July 2024
Read
Blog
CGEIT Training & Certification: Aligning IT with Business Objectives
By Jeremy Daly | 22 May 2024
Read
Blog
CDPSE Certification: Bridging the Gap Between Privacy and Technology
By Jeremy Daly | 24 May 2024
Read