Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Security IOS Safari Apple

Apple Issues Security Updates for MacOS, iOS, TvOS, WatchOS, and Safari (bleepingcomputer.com) 30

Catalin Cimpanu, writing for BleepingComputer: Over the course of the last four days, Apple has released updates to address security issues for several products, such as macOS High Sierra, Safari, watchOS, tvOS, and iOS. The most relevant security update is the one to macOS, as it also permanently fixes the bug that allowed attackers to access macOS root accounts without having to type a password. Apple issued a patch for the bug the next day after it was discovered, but because the patch was delivered as an out-of-band update that did not alter the macOS version number, when users from older macOS versions updated to 10.13.1 (the vulnerable version), the bug was still present. With today's update, the patch for the bug -- now known as "IAmRoot" (CVE-2017-13872) -- has received a permanent fix. All users who upgrade to macOS High Sierra 10.13.2 are safe.

Apple Issues Security Updates for MacOS, iOS, TvOS, WatchOS, and Safari

Comments Filter:
  • With today's update, the patch for the bug -- now known as "IAmGroot" (CVE-2017-13872) -- has received a permanent fix.

  • Think about it.

    They got your credit/debit cards.

    Yup.

    • by AHuxley ( 892839 )
      Always use a gift card for software, music, movies. Who would risk having their CC with a computer company long term?
    • by Anonymous Coward

      >Apple Pay

      Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".

      So how's that working out for them?

      • >Apple Pay

        Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".

        So how's that working out for them?

        Not sure, but they bundled it into the latest iOS 11.2 iPhone update.

      • by Jeremi ( 14640 )

        Oh, I remember that. That was that thing for idiots who were convinced it was easier to carry around a 6 ounce, $1000 phone than a free 10 gram debit card because "tapping" was somehow infinitely less physically exhausting than "swiping".

        It is a bit easier to to "tap" using the cell phone that's already in your hand (because of course it is) than to dig out your wallet, then dig the credit card out of the wallet, then swipe, then (sometimes) sign your name on the little slip of paper, then put it all away again.

        But that's not the real advantage of Apple Pay over a credit card -- the real advantage is that it's less vulnerable to replay attacks. WIth swiping a debit/credit card, anytime you make a purchase, you've given the seller all the i

      • by tsa ( 15680 )

        Yeah, it's a nice example of obsolete before on the market.

  • by Windrip ( 303053 ) on Wednesday December 06, 2017 @07:26PM (#55691835) Journal

    Try to avoid this update if possible.
    The previous High Sierra update failed when trying to start the window manager. I was able to recover by starting in single user mode and immediately exiting, which started the window manager.
    With this update, the Apple fuck-nuggets have broken that work-around.
    I have a macbook pro w/ 15" screen for sale.

    • by Windrip ( 303053 )

      I got the bitch back on the air. Reinstalled via ctrl/apple/r (?) which still failed to start the *cough* window *cough* manager, but at least the single-user + exit technique still worked.

      I still think these developers need a taste of the triple lashed whip

This screen intentionally left blank.

Working...