Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 5, 2017.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple today released a supplemental update to macOS High Sierra 10.13, the first update to the macOS High Sierra operating system that was released to the public in late September. The macOS High Sierra 10.13 update comes just over one week after the release of macOS High Sierra.

    The new version of macOS High Sierra 10.13 is a free update for all customers who have a compatible machine. The update can be downloaded using the Software Update function in the Mac App Store.

    [​IMG]

    The supplemental macOS High Sierra 10.13 update addresses a software vulnerability that could expose the passwords of encrypted Apple File System volumes in plain text in Disk Utility.

    Apple has released a support document alongside the Supplemental Update that walks users through the process of protecting their data if macOS High Sierra is showing a password instead of a password hint on an encrypted APFS volume.

    Steps include installing the new update, creating an encrypted backup of data for the affected volume, erasing the drive, reformatting to APFS, then APFS (Encrypted), and finally restoring the data that was backed up.

    A separate security support document says that the update also fixes a vulnerability that could let a hacker steal the usernames and passwords of accounts stored in Keychain using a malicious third-party app.

    And finally, according to the release notes accompanying the update, it also improves installer robustness, fixes a cursor graphic bug in Adobe InDesign, and resolves an issue where messages couldn't be deleted from Yahoo accounts in Mail.

    macOS High Sierra introduces a new more modern file system designed for flash storage (APFS), Metal 2, Safari improvements that protect user privacy and prevent autoplay videos, and improvements to several apps like Photos, Mail, Notes, and more.

    Article Link: Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability
     
  2. farewelwilliams, Oct 5, 2017
    Last edited: Oct 5, 2017

    farewelwilliams macrumors 68000

    Joined:
    Jun 18, 2014
  3. Amazing Iceman macrumors 68040

    Amazing Iceman

    Joined:
    Nov 8, 2008
    Location:
    Florida, U.S.A.
    #3
    That was the fastest fix I've ever seen..!

    How about other meaningful updates?
     
  4. phillytim macrumors 65816

    phillytim

    Joined:
    Aug 12, 2011
    Location:
    Philadelphia, PA
    #4
    At least Apple has been responsive, as the APFS vulnerability was just revealed within the past day.
     
  5. WatchTheThrone macrumors regular

    WatchTheThrone

    Joined:
    Aug 2, 2011
  6. EdwinRojas macrumors newbie

    EdwinRojas

    Joined:
    May 28, 2009
    Location:
    Henderson, NV
    #6
    But does it address the new file system issue with non-compatibility with Fusion Drives?
     
  7. Porco macrumors 68030

    Porco

    Joined:
    Mar 28, 2005
    #7
    If they only just found about the Disk Utility bug then this was very fast, so well done to them on that.
     
  8. OldSchoolMacGuy macrumors 601

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #8
    Someone will complain about having to install updates. They'd rather have Microsoft which would wait to patch a security issue because it's not part of their update release schedule. There were a number complaining of recent iOS updates in this way.
     
  9. phillytim macrumors 65816

    phillytim

    Joined:
    Aug 12, 2011
    Location:
    Philadelphia, PA
    #9
    Probably not, at this quick fix. Can anyone verify?
     
  10. EdwinRojas macrumors newbie

    EdwinRojas

    Joined:
    May 28, 2009
    Location:
    Henderson, NV
    #10
    Thanks.
     
  11. zhang96 macrumors member

    Joined:
    Jul 29, 2016
    Location:
    Ottawa
  12. kingjames1970 macrumors regular

    kingjames1970

    Joined:
    Mar 18, 2008
    Location:
    Hampshire, UK
    #12
    ...fixes a cursor graphic bug in Adobe InDesign

    HURRAH! That was v quick. Thought we'd wait a couple of months for that - kudos to Apple for the speed of this update.
     
  13. jbachandouris macrumors 601

    jbachandouris

    Joined:
    Aug 18, 2009
    Location:
    Upstate NY
  14. bwintx macrumors 6502

    bwintx

    Joined:
    Jul 17, 2002
    #14
    Excellent. The bug gets publicized this morning, it's fixed by midday (my time). Can't beat a deal like that. I don't care what the haters say.
     
  15. jayducharme macrumors 68040

    jayducharme

    Joined:
    Jun 22, 2006
    Location:
    The thick of it
    #15
    I wouldn't be surprised if Apple knew about this bug before it was publicized and already had been working on a fix.
     
  16. Dantoro macrumors newbie

    Joined:
    Sep 28, 2017
    #16
    I didn't even hear about that disk utility bug until this morning, and it's already been fixed? I guess Apple works fast (sometimes)
     
  17. antonis1 macrumors newbie

    Joined:
    Sep 20, 2017
    #17
  18. RednBlue macrumors member

    RednBlue

    Joined:
    Dec 17, 2013
    Location:
    Reading UK
  19. melendezest Suspended

    Joined:
    Jan 28, 2010
    #19
    All I want to know is when this'll be safe (or worth it) to install on my spin-drive 2011/2012 Macs.

    Any info early adopters can provide is appreciated.
     
  20. madmin macrumors regular

    Joined:
    Jun 14, 2012
    #20
    Thanks antonis1. Good to see these fixes were dealt with pronto.
     
  21. Wackery macrumors 6502a

    Joined:
    Feb 1, 2015
  22. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #22
    This bug also exists on Sierra, so I hope they release a security update for it as well.
     
  23. tkermit macrumors 68040

    tkermit

    Joined:
    Feb 20, 2004
    #23
    I'd rather not erase my volumes. Wouldn't it suffice to clear the stored password hint using the diskutil command line utility?
     
  24. GustavPicora macrumors member

    Joined:
    Jan 22, 2010
  25. Brian Clifford macrumors regular

    Brian Clifford

    Joined:
    Oct 23, 2016
    #25
    Sometimes, I do have to laugh.

    I just returned to Mac Rumors Home Page after hoping to find some helpful comments in the thread on the Disc Utility/APFS vulnerability, and found Mac Rumors newest post announcing the issue had been resolved with a supplemental update.

    Phew, that was ten minutes uncomfortable reading. :p
     

Share This Page