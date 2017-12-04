Apple Snafu Means Updating To macOS 10.13.1 Could Reactivate Root Access Bug (betanews.com) 16
Mark Wilson writes: A few days ago, a serious security flaw with macOS High Sierra came to light. It was discovered that it was possible to log into the 'root' account without entering a password, and -- although the company seemed to have been alerted to the issue a couple of weeks back -- praise was heaped on Apple for pushing a fix out of the door quickly. But calm those celebrations. It now transpires that the bug fix has a bug of its own. Upgrade to macOS 10.13.1 and you could well find that the patch is undone. Slow hand clap.
Oh good.. (Score:2)
"My slowclap processor made it into this thing." -GLaDOS
SNAFU? (Score:2)
Oh and before someone starts compiling a list of security screw-ups going back to the 80s, one or two legitimate screw-ups every few years are hardly "situation normal" type scenario.
Re: (Score:2)
it wasn't about the facts, it was about supplementing the headline with some clickbait
Re: (Score:2)
This is definitely huge blunder, but a SNAFU? Because it stands for "Situation Normal - All Fucked Up" and implies something happens all the time, which is not the case here.
That's the origin, all right; however, since surfacing in WWII it's morphed from an acronym to a noun that means "a badly confused or ridiculously muddled situation". Seems appropriate in this case.
Jony Ive's marketing team (Score:1)
must have done the fixed in between emoji design meetings.
All Major Tech Companies Have These Moments (Score:2)
This for Apple is what the burning batteries was for Samsung.
You're pretty much guaranteed to make a major snafu every once in a while if you're a big tech company. The scary thing is when a snafu occurs when controlling a power plant, or a weapons system, or something that could be used as a weapon.
As long as it's just phones and laptops we're OK.
Re: (Score:2)
Tell me that next time your laptop or phones catch fires, hopefully when your are not asleep.
Non story (Score:1)
Of course if you upgrade to 10.13.1 it will remove the patch, the patch doesn't exist in that version and it is a full update, not a delta. Shortly after the upgrade it will download and apply the patch to 10.13.1.
And then the patch is re-applied (Score:2)
And then within 24 hours Security Update 2017-001 is auto applied if not manually done so earlier.
Re: (Score:1)
So that 24 hour window is no problem.
Are there any third-party web-pages that are out there with links, recommending 'upgrade to the new MacOS 10.13.1' that have ads displayed on them? I would like to purchase some ads.
Big deal (Score:2)