Donw35 Posted November 29, 2017 Share Posted November 29, 2017 I would recommend changing the root user password right now info here, all my systems are effected https://twitter.com/lemiorhan/status/935578694541770752 Link to comment Share on other sites More sharing options...
mnfesq Posted November 29, 2017 Share Posted November 29, 2017 Wow! Unbelievable! It took only 3 tries to get it to stop rejecting root as the username and a blank field for the password. On the 4th try, it unlocked for me. I also turned off auto-login. I then tried it from the login window. It allowed me to login as root and created a System Administrator user for me that gave me access to all of the data on all of the hard drives on my laptop. I logged out of System Administrator and back into my user profile and there was no sign that a System Administrator user had been set up. Link to comment Share on other sites More sharing options...
Vampirexx Posted November 29, 2017 Share Posted November 29, 2017 Apple released an update right now, it is a fix for this? be aware update 2017-001 breaks nvidia drivers! Link to comment Share on other sites More sharing options...
cwestpha Posted November 29, 2017 Share Posted November 29, 2017 I am starting to think High Sierra is turning into the Vista of the Mac world. x.x This security vulnerability, odd compatibility issues tracing back to 32-bit process handling changes, the annoying changes to SIP breaking web drivers even more than ever. It's just plain annoying. Had 3 engineers at work roll back their systems to 10.12 already because hardware and services started breaking. 1 Link to comment Share on other sites More sharing options...
mnfesq Posted November 29, 2017 Share Posted November 29, 2017 It appears that the security update is only for computers running 10.13.1. I have not seen it in the App Store with me running 10.13.2 beta 5. Has anyone else seen it in App Store who is running a beta version of 10.13.2? https://support.apple.com/en-us/HT208315 Here's a link to the update. It doesn't work on 10.13.2. https://support.apple.com/kb/DL1942?viewlocale=en_US&locale=en_US Does some brave soul want to try changing systemversion to 10.13.1 to see if the patch will work that way? I'm backing up now in order to give it a try. Link to comment Share on other sites More sharing options...
mnfesq Posted November 30, 2017 Share Posted November 30, 2017 So I tried the systemversion trick and it worked. I simply changed the system version in the systemversion.plist in Core Services to the 10.13.1 version, 17B48. No reboot needed. The update installed and then I changed it back to the one I had before, 17C83a. I then rebooted, whether it was needed or not. After reboot, I tried to repeat the exploit and it didn't work. However, I also couldn't change any settings in System Preferences/Security & Privacy. It turns out that the security fix disables the root user. I had to re-enable the root user and give it a password. Then I had access to the settings in Security & Privacy. After I re-enabled the root user, I tried the exploit again and again, it failed. The security update appears to have accomplished its goal even if it was overkill to disable the root user. Link to comment Share on other sites More sharing options...
IUTniun Posted November 30, 2017 Share Posted November 30, 2017 Update 2017-001 working ok intel hd 630 Link to comment Share on other sites More sharing options...
pico joe Posted November 30, 2017 Share Posted November 30, 2017 Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1 If file sharing doesn’t work after you install Security Update 2017-001, follow these steps. If you experience issues with authenticating or connecting to file shares on your Mac after you install Security Update 2017-001 for macOS High Sierra 10.13.1, follow these steps to repair file sharing: Open the Terminal app, which is in the Utilities folder of your Applications folder. Type sudo /usr/libexec/configureLocalKDC and press Return. Enter your administrator password and press Return. Quit the Terminal app. source : https://support.apple.com/en-us/HT208317 2 Link to comment Share on other sites More sharing options...
mnfesq Posted November 30, 2017 Share Posted November 30, 2017 Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1 If file sharing doesn’t work after you install Security Update 2017-001, follow these steps. If you experience issues with authenticating or connecting to file shares on your Mac after you install Security Update 2017-001 for macOS High Sierra 10.13.1, follow these steps to repair file sharing: Open the Terminal app, which is in the Utilities folder of your Applications folder. Type sudo /usr/libexec/configureLocalKDC and press Return. Enter your administrator password and press Return. Quit the Terminal app. source : https://support.apple.com/en-us/HT208317 After installing the security update, I could no longer connect my laptop to my TV via Plex. I tried your fix and it worked but I needed a reboot after running the Terminal code before it worked. 1 Link to comment Share on other sites More sharing options...
Recommended Posts