Information Services Division


Update: Apple update now available for Mac users running OS X High Sierra

29 November 2017


Update: 9am, 30 November

Apple have now released a software update to deal with this vulnerability. All users running High Sierra are encouraged to install this as soon as possible.

29 November

This alert is for all Mac users running OS X High Sierra (released September 2017). A researcher has discovered a trivial bypass of the login screen, allowing login to system accounts.

The immediate fix is

  1. Set a password for the root account. Log in as a user with adminaccess, run Terminal, and enter the following command: sudo passwd -u root
  2. Disable remote access to your Mac, and do not leave Macs unattended in an untrusted environment.

More details are available here: