If you’re running macOS High Sierra, it’s time to update your Mac as soon as possible. Apple has released a security update that addresses the security vulnerability discovered yesterday afternoon. The update is available now through the Mac App Store.
Apple details the fix here:
Security Update 2017-001
Released November 29, 2017
Available for: macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
When you install Security Update 2017-001 on your Mac, the build number of macOS will be 17B1002. Learn how to find the macOS version and build number on your Mac.
If you require the root user account on your Mac, you can enable the root user and change the root user’s password.
While the security vulnerability was a rather serious one, Apple has promptly responded with a fix less than 24 hours after it became public. The issue did not affect older versions of macOS.