What a ride this week!?
If you were living under a rock, here is the quick rundown: someone notified AppleSupport on Twitter of a major security hole in High Sierra. You could get root access to a Mac by following a few simple steps at a login pane or window. It also worked remotely. Thankfully the MacAdmin community jumped right onto it and we had a workaround available very quickly. Also a nickname: “IAmRoot” Apple then provided a patch in just about 24 hours… and then another one a few hours later. (The first one broke the Local KDC file, prohibiting file sharing access.)
The patch is being (interestingly) pushed automatically without user interaction to Macs with 10.13.0 and 10.13.1.
Excellent Summary from MacMule
You can (justifiably) make arguments that errors like this are inexcusable. However, they do happen, and I learnt a lot from MacAdmins Slack about the issue, this kind of security and more about how passwords and accounts work. So thanks (once again) to the MacAdmins community for everyone who put their time into this. And also thanks to the Apple engineers involved I can only imagine what a task it must be to push a fix like this within a day.
Because of this, most other news seems to have been swamped, but you should also not miss an updated support article by Apple, where they describe the upcoming ‘User Approved MDM.’
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
#! On Scripting OS X
- Updated my post “On the macOS Version” with corrections and new info
- On Twitter:
Mac Terminal #ProTip: option-click in the command prompt to move cursor pic.twitter.com/aYAuH7300R
— Scripting OS X (@scriptingosx) November 30, 2017
📰News and Opinion
- imaroot – it’s fixed, somethings broken, fixed that now too – macmule
- Why blank Gets You Root – Patrick Wardle, Objective-See
🔨Support and HowTos
- Xplorer: list of XProtect updates
- Block Google Chrome Extensions with a Profile – Darren Wallace, Amsys
- Security Update 2017–001 being pushed to both macOS 10.13.0 and 10.13.1 – Rich Trouton
- One-liner to install the Patch
- VirtualBox – disabling automatic update notifications – Sound Mac Guy
🍏Apple Support
- Prepare for changes to kernel extensions in macOS High Sierra New section on User Approved MDM
📺To Watch
🎧To Listen
- KRACK Squad with Heather Williams – Mac Admins Podcast
- Mac Admins Flashcast Special: The #iamroot Situation
📚Support
I do not have ads on my webpage or this newsletter. However, if you want to support me and this website, then please consider buying one (or both) of my books. (Imagine it’s like a subscription fee or patreon, but you also get a useful book on top!)
If you have already bought and read the books, please leave a review on the iBooks Store. Reviews are important to help new potential readers make the purchase decision. Thank you (again)!