How to Fix That Very Bad Security Bug in macOS

Image: Gizmodo

Apple just released a patch that fixes a recently revealed security vulnerability in macOS High Sierra. This is the bug that let anyone gain admin access to Mac accounts without typing in a password. It’s a bad one. Good news is that Apple is making it very easy to update your software and squash the bug. Just click the “Update” box when you see it!

Now I know software updates are a pain, but please do your security a favor and follow through with this one. If you’re running macOS High Sierra, you should soon see a pop-up that looks like this:


Again, click the “Update” box. It will only take a second. If you don’t see the pop-up, you can go to the Mac App Store and click the “Updates” tab to download the patch. You can find a link to the App Store by clicking the “” icon in the menu bar.

Let me be very clear about this: You should do the security update because you do not want this bug on your Mac. Now that news of the vulnerability is out in the wild, hackers will be rushing to exploit it. And as we explained when the bug first appeared, hackers don’t necessarily need physical access to your computer in order to exploit it. They can snake their way in using the Mac’s screen share feature. If, for some strange reason, you can’t update your Mac immediately, you can apply a temporary Band-Aid by enabling a root user on your Mac. But really, just update your computer.

Now go forth and be secure, friendly Apple fan. It’s a fun thing to do.

Share This Story

Get our newsletter

About the author

Adam Clark Estes

Senior editor at Gizmodo.

PGP Fingerprint: 91CF B387 7B38 148C DDD6 38D2 6CBC 1E46 1DBF 22A8PGP Key
OTR Fingerprint: D9330D9B 6CF5E271 7FAC6194 DAA9B51B E09A99B2