Apple Issues Security Updates for MacOS, iOS, TvOS, WatchOS, and Safari (bleepingcomputer.com) 30
Catalin Cimpanu, writing for BleepingComputer: Over the course of the last four days, Apple has released updates to address security issues for several products, such as macOS High Sierra, Safari, watchOS, tvOS, and iOS. The most relevant security update is the one to macOS, as it also permanently fixes the bug that allowed attackers to access macOS root accounts without having to type a password. Apple issued a patch for the bug the next day after it was discovered, but because the patch was delivered as an out-of-band update that did not alter the macOS version number, when users from older macOS versions updated to 10.13.1 (the vulnerable version), the bug was still present. With today's update, the patch for the bug -- now known as "IAmRoot" (CVE-2017-13872) -- has received a permanent fix. All users who upgrade to macOS High Sierra 10.13.2 are safe.
Wait, what? (Score:2)
With today's update, the patch for the bug -- now known as "IAmGroot" (CVE-2017-13872) -- has received a permanent fix.
Re: (Score:2)
Damn, I was hoping to get a "Thank you Ted, that was the joke."
Re: (Score:2)
How come the Dell security updates aren't announced here too? More people use Dell than Apple.
Have you submitted any story on Dell security updates here?
Re: (Score:1)
Dell doesn't patch their bugs. They just sell upgrades.
Re: (Score:2)
Dell begins offering laptops with Intel's management engine disabled [slashdot.org]
Too late if you activated Apple Pay (Score:1)
Think about it.
They got your credit/debit cards.
Yup.
Re: (Score:2)
Re: (Score:1)
>Apple Pay
Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".
So how's that working out for them?
Re: (Score:1)
>Apple Pay
Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".
So how's that working out for them?
Not sure, but they bundled it into the latest iOS 11.2 iPhone update.
Re: (Score:2)
Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".
It is a bit easier to to "tap" using the cell phone that's already in your hand (because of course it is) than to dig out your wallet, then dig the credit card out of the wallet, then swipe, then (sometimes) sign your name on the little slip of paper, then put it all away again.
But that's not the real advantage of Apple Pay over a credit card -- the real advantage is that it's less vulnerable to replay attacks. WIth swiping a debit/credit card, anytime you make a purchase, you've given the seller all the i
Re: (Score:2)
If your shopping and your cell phone is already in your hand then you have other problems.
Most people shop with their phone, on a website (or App)
Re: (Score:2)
Yeah, it's a nice example of obsolete before on the market.
Re: (Score:1)
Nice they at least give you a choice to update macOS and iOS - even though it nags.
Unlike all those Android updates from carriers. What a pain those are.
Re: (Score:2)
Apple fuck-nuggets broke the boot process AGAIN (Score:3)
Try to avoid this update if possible.
The previous High Sierra update failed when trying to start the window manager. I was able to recover by starting in single user mode and immediately exiting, which started the window manager.
With this update, the Apple fuck-nuggets have broken that work-around.
I have a macbook pro w/ 15" screen for sale.
Re: (Score:2)
I got the bitch back on the air. Reinstalled via ctrl/apple/r (?) which still failed to start the *cough* window *cough* manager, but at least the single-user + exit technique still worked.
I still think these developers need a taste of the triple lashed whip