How to Fix That Very Bad Security Bug in macOS

Image: Gizmodo
Image: Gizmodo

Apple just released a patch that fixes a recently revealed security vulnerability in macOS High Sierra. This is the bug that let anyone gain admin access to Mac accounts without typing in a password. It’s a bad one. Good news is that Apple is making it very easy to update your software and squash the bug. Just click the “Update” box when you see it!


Now I know software updates are a pain, but please do your security a favor and follow through with this one. If you’re running macOS High Sierra, you should soon see a pop-up that looks like this:

Illustration for article titled How to Fix That Very Bad Security Bug in macOS

Again, click the “Update” box. It will only take a second. If you don’t see the pop-up, you can go to the Mac App Store and click the “Updates” tab to download the patch. You can find a link to the App Store by clicking the “” icon in the menu bar.

Let me be very clear about this: You should do the security update because you do not want this bug on your Mac. Now that news of the vulnerability is out in the wild, hackers will be rushing to exploit it. And as we explained when the bug first appeared, hackers don’t necessarily need physical access to your computer in order to exploit it. They can snake their way in using the Mac’s screen share feature. If, for some strange reason, you can’t update your Mac immediately, you can apply a temporary Band-Aid by enabling a root user on your Mac. But really, just update your computer.

Now go forth and be secure, friendly Apple fan. It’s a fun thing to do.

Senior editor at Gizmodo.



But wait.....isn’t that same update button the one that gave us all the bug in the first place........