Published Wednesday, November 29, 2017

On November 28, a macOS 10.13.1 security issue was revealed—a flaw that allows root access to a Mac without the need for a password. It was discovered that anyone can log into a Mac by entering the user name root without a password. The first time you try to login, it won’t work. But if you try it again, you will be granted access. This only impacts macOS High Sierra 10.13.1.

macOS Sierra 10.12.6 and earlier is not impacted according to Apple.

Apple has issued an OS X 10.13.1 Security Update that patches the flaw. Apple urges users to “Install this update as soon as possible.”

Here are steps to update the software on your Mac: https://support.apple.com/en-us/HT201541 . If you have any questions, please contact the HSC Help Desk at 304.293.3631 or hsc_helpdesk@hsc.wvu.edu .