Apple is offering a fix for a recently discovered security flaw in its new Mac operating system that made it possible for an intruder to bypass administrator authentication without typing in a password.
By exploiting this bug, one would be able to change a Mac’s settings without knowing the owner’s password. Apple’s latest update for macOS High Sierra, the new Mac software it launched in September, addresses this flaw.
Apple said in a statement that it’s auditing its development process to prevent a similar situation from happening again.
The update is available to download and will be automatically installed on all systems running version macOS High Sierra 10.13.1 later on Wednesday.
Below is Apple’s full comment:
To see if a software update is available for your Mac, click the Apple icon, select About Mac, and click the button that says “software update.” You can also open the App Store on your Mac and click the Updates tab to check for new software.
Developer Lemi Orhan Ergin publicly informed Apple about the security issue via Twitter on Nov. 28, and was criticized by some for doing so out of fear that the bug would be more widely exploited. Ergin wrote in a blog post that his colleagues informed Apple of the issue on Nov. 23.
According to Ergin, the exploit worked when opening the System Preferences menu, selecting Users & Groups, and then clicking the lock to make changes. When the prompt appears on screen asking for administrator login credentials, Ergin said it was possible to gain access when typing “root” in the username field while leaving the password blank after pressing the unlock button multiple times. Several Twitter users replied to Ergin’s tweet saying the technique worked.
Before the software fix was released, users could have made it so that a password must be typed in before gaining root access to their Mac.
More Must-Reads from TIME
- Welcome to the Noah Lyles Olympics
- Melinda French Gates Is Going It Alone
- What to Do if You Can’t Afford Your Medications
- How to Buy Groceries Without Breaking the Bank
- Sienna Miller Is the Reason to Watch Horizon
- Why So Many Bitcoin Mining Companies Are Pivoting to AI
- The 15 Best Movies to Watch on a Plane
- Want Weekly Recs on What to Watch, Read, and More? Sign Up for Worth Your Time
Contact us at letters@time.com