Apple releases security fix for macOS High Sierra login security flaw

Mac OS Flaw

Within 24 hours of the MacOS login flaw news making its way to the public, Apple has promptly rolled an update patching the login security flaw which allowed anyone to login to MacOS without a password. The update is already available through the Mac App Store.

The issue did not affect older MacOS; instead, it was limited to High Sierra. But then the update is only available to macOS 10.13.1 for now and is not available for macOS 10.13.2 beta yet. Once you update your MacBook, the build number changes to 17B1002.

Commenting on the same, Apple after issuing the security fix has said:

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.