Fix huge security flaw in macOS High Sierra

If you’re running macOS High Sierra, stop and do this now to fix the root access vulnerability.

Update: Apple has released a fix. Security Update 2017-001. Install the update:

1. Click Apple icon in menu bar
2. Go to App Store
3. Updates
4. Install security update 2017-001 (Doesn’t require a reboot.)

No further action required.

🚨 If you’re running #macOS #HighSierra, stop and do this *now* to fix the root access vulnerability.

Then share it with everyone you know and make sure they do it too.

📺: [Embedded]

📝: https://t.co/e9sErEvKNI pic.twitter.com/9jKcV7FAXm

— Rene Ritchie (@reneritchie) November 28, 2017

Alternative solutions achieve the same outcome

Spotlight Search

1. Open Spotlight Search, click the magnifying glass icon in the upper-right corner of the menu bar, or press Command-Space from any app
2. Start typing the first few letters of Directory Utility and press Return.
3. In Directory Utility, click on the Lock (🔒) icon.
4. Enter your Password.
5. Click on Edit in the menubar.
6. Click on Enable Root User.
7. Enter and confirm your Root User Password. Use a password manager e.g. 1Password or Lastpass to generate a strong, unique password.

If you prefer the command line, you can

1. Launch Terminal.
2. Type: sudo passwd -u root
3. Enter and confirm your Root User Password. Use a password manager e.g. 1Password or Lastpass to generate a strong, unique password.

Do not disable the Root User. That just blanks the password and allows the exploit to work again.