Mac Root Bug
Mac Root Bug: a reader asks…
I just read a story about how the super-safe Mac operating system has a super-serious vulnerability that would let anyone take over my Mac. What should I do?
Apple is aware of the issue and issued a fix already, so just apply the update immediately and you don’t have to worry about it. It took Apple about 20 hours from the time the bug was reported till they issued a fix. Compared to Microsoft’s track record, this is phenomenal. While some security folks may have decried that such a vulnerability was even there in the first place, I think a lot of the hue and cry was simply 21st century sensationalist journalism. To update your Mac:
- Open the App Store on your Mac, and go to the Updates section. You’ll see a Security Update 2017-001.
- Install the update and you’re done.
I will tell you that a hacker needed to have physical access to your Mac in order to exploit the vulnerability, so if you always have physical control over your Mac, you didn’t need to worry about this at all.
It’s always a good idea to keep your system up-to-date, both with updates to MacOS and any installed software. For the latter, that process can be different depending on how the software developer set it up. For example, in Google Chrome you have to open the Help > About Google Chrome menu option to kick off an update check. Most other software will have a “Check for Updates” link on the help menu.
Putting off system updates can have a huge effect on the security and safety of your computer. Make these updates a priority always and you’ll be doing all you need to do to keep your computer as safe as possible.
Update: It appears the fix Apple released may break certain types of file sharing on your Mac. If that happens to you (few people really rely on this feature), then Apple has a method to fix the problem, detailed at https://support.apple.com/en-us/HT208317
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!