Apple Releases Extremely Important macOS High Sierra Supplemental Update

Author Photo
Oct 5
9Shares
Submit

Apple has released an extremely important macOS High Sierra supplemental update that fixes a crucial APFS vulnerability.

New macOS High Sierra Supplemental Update Released. Fixes Crucial APFS Vulnerability That Could Expose Your Passwords in Plain Text.

Apple released macOS High Sierra last month to the public, and today the company is releasing the first ever update to the OS. Not exactly good news if you’re asking me, since the update actually fixes an extremely crucial APFS bug that could allow anyone to see your passwords in plain text using Disk Utility. Here’s the full changelog of the update.

macos-10-12-4-and-tvos-10-2-betaRelatedApple Seeds macOS High Sierra 10.13.1 And tvOS 11.1 Beta 4 To Developers

StorageKit

Available for: macOS High Sierra 10.13

Impact: A local attacker may gain access to an encrypted APFS volume

macos-high-sierra-2RelatedApple Releases macOS High Sierra 10.13.1 Beta 3 To Developers

Description: If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint. This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints.

CVE-2017-7149: Matheus Mariano of Leet Tech

Security

Available for: macOS High Sierra 10.13

Impact: A malicious application can extract keychain passwords

Description: A method existed for applications to bypass the keychain access prompt with a synthetic click. This was addressed by requiring the user password when prompting for keychain access.

CVE-2017-7150: Patrick Wardle of Synack

Given that this is an extremely important update, therefore I would suggest downloading and install it right away. In order to do so, just launch the Mac App Store, click on the Updates tab at the top. Let the Mac App Store refresh for a while and the update will show up in no time. Click on the Update button next to the available download and you’ll be in business immediately.

Once the update is done downloading, you will be required to restart your Mac once. Therefore it’s important that you save up all your work ahead of time. Once through, you can start using macOS High Sierra normally, without worrying that your passwords can be snooped easily.

Submit